Troy Knabe wrote:
Thanks to everyone who responded. When you do an ls or dir on a remote
host, it creates a "new" connection back to the server, so it is not
persistent. It appears to be grabbing a random port in the 53*** area.
Is there syntax in iptables to allow all ports from a host over port 1024?
I also had to issue the *passive* command once connected before I could
run an ls or dir.
If you want to have iptables firewalling between these two systems you could try
the ftp_conntrack module. It is designed to handle this issue. It examines
traffic on the standard FTP port which requests a DATA connection, and pokes
dynamic holes in the iptables configuration to allow the data through.
--
Nigel Wade, System Administrator, Space Plasma Physics Group,
University of Leicester, Leicester, LE1 7RH, UK
E-mail : nmw@xxxxxxxxxxxx
Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list