[Lancaster] Firewall problem

Mike Livsey mike.livsey at gmail.com
Tue Sep 22 12:00:27 UTC 2009 

Does your firewall have application level monitoring?

It may be that you need to specifically allow the application to be
accessed, as well as opening the relevant ports.



2009/9/22 Ken Hough <kenhough at btinternet.com>

> On Monday 21 September 2009 16:13:50 Richard Robinson wrote:
> > On Mon, Sep 21, 2009 at 02:45:38PM +0100, andy baxter wrote:
> > > Sorry I'm confused too. Did you try my suggestion of using wireshark to
> > > look at what's happening over the network when you try to connect?
> >
> > This is probably a stupid comment, I'm not a expert at this stuff & I
> > haven't really been paying much attention ... but :- it's not a question
> of
> > packet type, is it ? Does the firewall select for TCP / UDP ?
>
> I've tried enabling UDP on the firewall, but this didn't help.
>
> Recent tests as follows:
>
> 1. Accessed vsftpd locally as ftp://localhost (with the firewall enabled)
> without any problems. This confirms that vsftpd is working as I intended.
>
> 2. Accessing the vsftpd server remotely (with firewall enabled) via my
> laptop
> running Firefox under winXP again failed. On dropping the firewall on the
> server machine, again all was well.
>
> Clearly:
>
> --  there is a problem with the firewall on the server machine.
>
> --  the setup on the laptop PC is working!
>
>
> As Andy recommended, I installed 'wireshark' on the laptop machine. This
> runs
> OK, but before commenting on what I found, I'd like to spend a bit of time
> figuring out all of what it told me.
>
> It does seem that with the firewall running, I get a connection, but this
> is
> then dropped.
>
> Ho hum! Life is fun!  :-)
>
> Further investigation has shown that one or more TCP ports in the range
> 50000
> to 55000 is/are being accessed. ie if I enable this range, I get full
> access.
>
> A bit more experimentation should allow me to home in of the ports
> needed.  :-)
>
> Ken Hough
>
> _______________________________________________
> Lancaster mailing list
> Lancaster at mailman.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/lancaster
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.lug.org.uk/pipermail/lancaster/attachments/20090922/c95ece75/attachment.htm

More information about the Lancaster mailing list