[Gllug] proftp and errors and iptables
Xander D Harkness
xander at harkness.co.uk
Wed Nov 6 17:52:32 UTC 2002
Magnus Nilsson wrote:
>On Wed, 2002-11-06 at 17:32, Xander D Harkness wrote:
>
>
>>I am running proftpd version 1.2.0pre10.
>>
>>I can connect to the server and login, transfer etc. under Linux without
>>any problems.
>>
>>Other clients using windows complain of the following error:
>>
>>Details:
>>200 Type set to A.
>>200 PORT command successful
>>425 Cant'd build data connection: Connection refused
>>
>>I have not firewalled port 20 or 21 and I attach the log below. Can
>>someone suggest some pointers?
>>
>>
>>
>
>Linux clients using PASV while the Windows ones are not?
>
>
>
It actually appears that I have created the problems with the firewall.
If I disable filtering to the server it works okay:
The filtering I have on is as follows - none as far as I can see. This
is at the top of the iptables list, being the first entry it should
allow all traffic to and from the proftp server. I have discovered that
if I turn off iptables then access to the server by a windows box is okay.
Kind regards
Xander
Chain FORWARD (policy ACCEPT)
target prot opt source destination
LOG tcp -- anywhere www2.harkness.co.uktcp LOG
level warning
ACCEPT tcp -- anywhere www2.harkness.co.uktcp
LOG udp -- anywhere www2.harkness.co.ukudp LOG
level warning
ACCEPT udp -- anywhere www2.harkness.co.ukudp
LOG icmp -- anywhere www2.harkness.co.ukicmp
echo-reply LOG level warning
ACCEPT icmp -- anywhere www2.harkness.co.ukicmp echo-reply
LOG tcp -- www2.harkness.co.uk anywhere tcp LOG
level warning
ACCEPT tcp -- www2.harkness.co.uk anywhere tcp
LOG udp -- www2.harkness.co.uk anywhere udp LOG
level warning
ACCEPT udp -- www2.harkness.co.uk anywhere udp
LOG icmp -- www2.harkness.co.uk anywhere icmp
echo-reply LOG level warning
ACCEPT icmp -- www2.harkness.co.uk anywhere icmp echo-reply
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list