FTP Active mode

Home Page Forums Network Management Networking FTP Active mode

This topic contains 3 replies, has 0 voices, and was last updated by  phb 7 years, 11 months ago.

Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #42979

    phb
    Member

    Hi,

    I’am testing your firewall and it’s great distrib. thank you

    I trying multi-wan with succes BUT not with ftp in active mode 🙁 (PAssive mode is OK)

    on virtual server i forward port tcp/up 20 and 21 but when ftp client trying my internal ftp server on ls command client have no response 🙁

    zeroshell is working with ftp in active mode ? specific parameter

    Thank you for your help !

    #51739

    atheling
    Member

    At least on my ZS box (currently a beta12 install) the appropriate iptables connection tracking modules for FTP are installed. However there needs to be some rules in the iptables to allow the connections “related” to the FTP command connections for this to work.

    I’ve not setup FTP through my ZS box so I can’t give you the exact setup, but if you do a web search for “iptables ftp” you’ll find some links telling you what the end result has to be. Then the next step is figuring out the changes in the ZS GUI that will end up with the same result.

    I guess this is not a really useful reply, but it might get you started.

    #51740

    phb
    Member

    hi, thx for your help,

    But iptable ftp is not enough 🙁 … we have dualwan and in 2 weeks triwan … and i don’t find working example …

    #51741

    atheling
    Member

    How do you have your firewall configured? Since the usual way to protect yourself is to setup input rule, I am assuming you’ve set something there…

    I believe that if you have an entry at or near the top that is of the form:

    ACCEPT all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED

    That the FTP data streams that are “related to” your FTP stream will be passed through.

    #51742

    phb
    Member

    hi atheling,

    Sorry i just discover zeroshell, where in webgui (or shell ?) i can put this rules ?

    (my config is just ‘default’ just confi gateway, load balance, forward port 20,21 to my FTP LAN server that’s all)

    Edit : I trying add input (in firewall security menu) without succes 🙁

    zeroshell show me this line :
    ACCEPT all opt — in * out * 0.0.0.0/0 -> 0.0.0.0/0 state RELATED,ESTABLISHED

    (same like you line)

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.