[Lancaster] Firewall problem

[Ken Hough]

On Monday 21 September 2009 16:13:50 Richard Robinson wrote:
> On Mon, Sep 21, 2009 at 02:45:38PM +0100, andy baxter wrote:
> > Sorry I'm confused too. Did you try my suggestion of using wireshark to
> > look at what's happening over the network when you try to connect?
>
> This is probably a stupid comment, I'm not a expert at this stuff & I
> haven't really been paying much attention ... but :- it's not a question of
> packet type, is it ? Does the firewall select for TCP / UDP ?

I've tried enabling UDP on the firewall, but this didn't help.

Recent tests as follows:

1. Accessed vsftpd locally as ftp://localhost (with the firewall enabled)
without any problems. This confirms that vsftpd is working as I intended.

2. Accessing the vsftpd server remotely (with firewall enabled) via my laptop 
running Firefox under winXP again failed. On dropping the firewall on the 
server machine, again all was well.

Clearly:

--  there is a problem with the firewall on the server machine.

--  the setup on the laptop PC is working!


As Andy recommended, I installed 'wireshark' on the laptop machine. This runs 
OK, but before commenting on what I found, I'd like to spend a bit of time 
figuring out all of what it told me.

It does seem that with the firewall running, I get a connection, but this is 
then dropped.

Ho hum! Life is fun!  :-)

Further investigation has shown that one or more TCP ports in the range 50000 
to 55000 is/are being accessed. ie if I enable this range, I get full access.

A bit more experimentation should allow me to home in of the ports 
needed.  :-)

Ken Hough