This iptables entry works for what I am doing.
Thanks,
-Troy

Gaddis, Jeremy L. wrote:
> On 12/11/06, Troy Knabe <knabe@xxxxxxxxxxx> wrote:
>> Thanks to everyone who responded. When you do an ls or dir on a remote
>> host, it creates a "new" connection back to the server, so it is not
>> persistent. It appears to be grabbing a random port in the 53*** area.
>
> Such is the nature of the FTP protocol.
>
>> Is there syntax in iptables to allow all ports from a host over port
>> 1024?
>
> Try "iptables -A INPUT -p tcp -s A.B.C.D/255.255.255.255 --dport 1024:65535 -j ACCEPT"
>
>> I also had to issue the *passive* command once connected before I could
>> run an ls or dir.
>
> "passive" indicates that the FTP client initiates the data connection
> to the server, while using "active" mode (normally the default) the
> FTP server initiates the data connection back to the client (which can
> present problems if there is a firewall active).
>
> -j

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
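
An added example, not part of either poster's message: the "random" high port seen in the thread is announced on the FTP control channel, in the client's PORT command (active mode) or the server's 227 reply (passive mode), as defined in RFC 959. This Python example parses a constructed control-channel sample (documentation addresses, hypothetical function names) to show which side connects to which port, which is what an FTP-aware stateful filter needs in order to admit only that one data connection rather than the whole 1024:65535 range.

```python
import re

# Six comma-separated decimal bytes: h1,h2,h3,h4,p1,p2 (RFC 959 host-port format)
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def data_endpoint(line):
    """Return (mode, listener_ip, port) for a PORT command or 227 reply, else None."""
    line = line.strip()
    if line.upper().startswith("PORT "):
        mode = "active"    # client listens; server connects back to it
    elif line.startswith("227 "):
        mode = "passive"   # server listens; client connects out to it
    else:
        return None
    m = _HOSTPORT.search(line)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None        # malformed byte value, ignore the line
    ip = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]   # data port = p1 * 256 + p2
    return mode, ip, port

def expected_data_flows(control_lines, client_ip, server_ip):
    """List the (src_ip, dst_ip, dst_port) data connections the control channel announces."""
    flows = []
    for line in control_lines:
        ep = data_endpoint(line)
        if ep is None:
            continue
        mode, listener_ip, port = ep
        src = server_ip if mode == "active" else client_ip
        flows.append((src, listener_ip, port))
    return flows

# Constructed control-channel lines, not taken from the thread
SAMPLE = [
    "USER anonymous",
    "PORT 192,0,2,10,208,21",                          # active: 208*256+21
    "LIST",
    "227 Entering Passive Mode (198,51,100,5,209,7)",  # passive: 209*256+7
    "LIST",
]

if __name__ == "__main__":
    for src, dst, port in expected_data_flows(SAMPLE, "192.0.2.10", "198.51.100.5"):
        print(f"{src} -> {dst}:{port}")
```
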