[Derry] Fwd: iptables

ray derry at mailman.lug.org.uk
Thu Feb 6 23:14:01 2003 

On Wednesday 05 February 2003 20:39, Garvin Haslett wrote:
> Here's the output of the command on my system.  I take it this is saying
> that I have no firewalls.

Correct.  
Client side firewalls generally only cause a problem with active mode ftp.  Passive mode is the default for the ftp client.

> I'm still getting the unusual situation that browser downloads work fine but 
> command line ftps are put into Passive mode and then invariably time out
Need more information about what you are actually doing and what response you get.  I have just connected to one of the servers listed on:
http://rpmseek.com/rpm-dl/cups-1.1.18-1.1mdk.i586.html?hl=com&cx=0:-:0:422858:0:0
   and this is what happened:

sysman@daniela:~> ftp ftp.gwdg.de
Connected to ftp.gwdg.de.
220-Gesellschaft fuer wissenschaftliche Datenverarbeitung mbH Goettingen
220-====================================================================
220-This is a Linux PC (GA6-BXDU board, 1 CPU P-III/1000, 1 GB RAM)
220-running SuSE-Linux-7.3 under kernel 2.4.19.
220-/pub is reiserfs on LVM with 8 SCSI U2W disks 18 GB on 2 channels
220-/pub/misc is ext3 on LVM with 4 IDE disks 80 GB on 2 channels
220-
220-Thanks to SuSE GmbH for donating some disk space.
220-
220-For questions and other contacts to the ftp-admin, mailto:emoenke@gwdg.de
220-All transfers are logged. The local time is Fri Feb  7 00:04:30 2003.
220-
220-Limits: Domains gwdg.de, uni-goettingen.de, mpg.de:  200 sessions.
220-        Other domains:      Mon - Fri 8:00 - 18:00: 1800 sessions
220-                                       other times: 2000 sessions. yes.
220-Your domain limit: 2000    active sessions: 557
220-
220-Login as "ftp" or "anonymous" and use your email address as password.
220-
220 ftp.gwdg.de FTP server (Version wu-2.4.2-academ[BETA-18-em](1) Mon Oct 29 14:40:37 MET 2001) ready.
Name (ftp.gwdg.de:sysman): ftp
331 Guest login ok, send your complete e-mail address as password.
Password:
230-Hello User at dial-62-64-207-214.access.uk.tiscali.com,
230-we have 559 users (max 2000) logged in in your class at the moment.
230-Local time is: Fri Feb  7 00:04:51 2003
230-All transfers are logged. If you don't like this, disconnect now.
230-
230-tar-on-the-fly and gzip-on-the-fly are implemented; to get a whole
230-directory "foo", "get foo.tar" or "get foo.tar.gz" may be used.
230-Please use gzip-on-the-fly only if you need it; most files already
230-are compressed, and I will kill your processes if you waste my
230-ressources.
230-
230-The command "site exec locate pattern" will create a list of all
230-path names containing "pattern".
230-
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /pub/linux/mandrake/updates/9.0/RPMS/
250 CWD command successful.
ftp> ls *cups*
227 Entering Passive Mode (134,76,11,100,194,68)
150 Opening ASCII mode data connection for /bin/ls.
-rw-r--r--    1 emoenke  ftp       2306031 Dec 21 20:35 cups-1.1.18-1.1mdk.i586.rpm
-rw-r--r--    1 emoenke  ftp        288157 Dec 21 20:35 cups-common-1.1.18-1.1mdk.i586.rpm
-rw-r--r--    1 emoenke  ftp       4412960 Jan  8 00:57 cups-drivers-1.1-84.2mdk.i586.rpm
-rw-r--r--    1 emoenke  ftp         29555 Dec 21 20:35 cups-serial-1.1.18-1.1mdk.i586.rpm
-rw-r--r--    1 emoenke  ftp        105079 Dec 21 20:35 libcups1-1.1.18-1.1mdk.i586.rpm
-rw-r--r--    1 emoenke  ftp        131187 Dec 21 20:35 libcups1-devel-1.1.18-1.1mdk.i586.rpm
226 Transfer complete.
ftp> quit
221 Goodbye.
sysman@daniela:~>

Please just reply to messages. if you keep starting new threads/subjects with every posting it becomes a bit difficult to follow the topic.

--  
  ray