[Gllug] ftp / iptables

Paul Brazier pbrazier at cosmos-uk.co.uk
Wed Oct 31 13:09:55 UTC 2001


> hmm.. I don't know much about ident lookups
> 
> but it does seem odd to me that the client should connect from 113 to a
> high port ... are you sure it isn't that the server is connecting to 113
> and the client tries to reply (to a high port on the server) but its
> replies are blocked ???

I think from memory that the log tables have a "SYN" near the end for
the client port 113 packets. This would indicate it was a connection
initiated by the client? (I'm not too familiar with these tcp flags).
Definitely the firewall lets everything out and the only denied logged
packets on the INPUT chain were sport:113, dport:32997 or something.

I would have thought all this would be "RELATED" to the initial ftp
packets but perhaps this only accounts for the pure ftp data connections
and not special features of some ftp clients/servers like identd
lookups?

If I can't get it sorted tonight I'll post the iptables log entries
tomorrow.
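
Added example, not part of the original message: a small parser that reads the TCP flag field of netfilter LOG lines to tell a packet opening a connection (SYN alone) from one answering a connection opened by the other side (ACK SYN) or refusing it (RST). The log lines are constructed for illustration, and the host name, ports other than 113 and 32997, and addresses are assumptions.

```python
import re

# Constructed sample LOG lines; host name and addresses (RFC 5737
# documentation ranges) are illustrative, not taken from the message.
SAMPLE_LOG = """\
Oct 31 13:01:07 fw kernel: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=0 DF PROTO=TCP SPT=113 DPT=32997 WINDOW=5792 RES=0x00 ACK SYN URGP=0
Oct 31 13:01:09 fw kernel: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=4411 DF PROTO=TCP SPT=40112 DPT=113 WINDOW=5840 RES=0x00 SYN URGP=0
Oct 31 13:01:12 fw kernel: IN=eth0 OUT= SRC=192.0.2.10 DST=198.51.100.5 LEN=40 TOS=0x00 PREC=0x00 TTL=57 ID=0 DF PROTO=TCP SPT=113 DPT=32998 WINDOW=0 RES=0x00 ACK RST URGP=0
"""

# The LOG target prints the TCP flags that are set between RES= and URGP=.
TCP_LINE = re.compile(
    r"SRC=(?P<src>\S+) DST=(?P<dst>\S+).*?PROTO=TCP "
    r"SPT=(?P<spt>\d+) DPT=(?P<dpt>\d+).*?"
    r"RES=0x[0-9a-fA-F]+ (?P<flags>[A-Z ]*?)\s*URGP="
)


def classify(flags):
    """Map the flag set of one logged packet to its role in the handshake."""
    if "RST" in flags:
        return "reset"   # the sender is refusing or aborting a connection
    if {"SYN", "ACK"} <= flags:
        return "reply"   # answer to a SYN that was sent from the other side
    if "SYN" in flags:
        return "new"     # the sender is opening a connection
    return "other"


def parse(log):
    """Return (src, sport, dport, flags, kind) for each logged TCP packet."""
    rows = []
    for line in log.splitlines():
        m = TCP_LINE.search(line)
        if m is None:
            continue
        flags = set(m.group("flags").split())
        rows.append((m.group("src"), int(m.group("spt")), int(m.group("dpt")),
                     " ".join(sorted(flags)), classify(flags)))
    return rows


if __name__ == "__main__":
    for src, spt, dpt, flags, kind in parse(SAMPLE_LOG):
        print(f"{src}:{spt} -> :{dpt} [{flags}] {kind}")
```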

