[wellylug] ProFTPD problems
Richard Hector
rhector at actrix.gen.nz
Mon Jan 14 09:46:51 NZDT 2002
Jamie Dobbs wrote:
>
> Hi all
>
> I'm running a Linux box behind our firewall at work as an FTP server.
> Of the 2 clients that use it one has no problems but the other cannot
> connect to it. The one having problems says that our FTP server is
> assigning the 'data channel' on a seemingly random port above 60000
> (?) and he says that their firewall cannot cope with this as it
> expects the data channel to be on the 'standard' port of 20 - what
> configuration changes can I make to enable this?
> We are running proFTPD 1.2.2
Firstly 1.2.3 fixes a security hole, and 1.2.4 fixes another bug
(according to the web site), so you should probably upgrade.
The users guide there says it does use source port 20 for the data
channel. On the other hand, it can't do that if the client requests
passive mode, so perhaps they're doing that? I think most web browsers
use passive mode by default. If their firewall allows back connections
from port 20, they don't need passive mode and can use normal mode.
Note that neither you nor the ProFTPD user guide are very clear whether
you're talking about source or data ports, so I'm filling in the gaps
from other sources. If they're expecting the server to open the data
channel with a _destination_ port 20, they're wasting their time,
because it's not under the server's control, and an ftp client can't
normally allocate a port that low, because it needs to be root to do so.
HTH,
Richard
------------------------ Yahoo! Groups Sponsor ---------------------~-->
Sponsored by VeriSign - The Value of Trust
Do you need to encrypt all your online transactions? Find
the perfect solution in this FREE Guide from VeriSign.
http://us.click.yahoo.com/vCuuSA/UdiDAA/yigFAA/0XFolB/TM
---------------------------------------------------------------------~->
.-. Wellington
/V\ Linux
// \\ Users
/( )\ Group
^^-^^
http://wlug.paradise.net.nz/
To unsubscribe from this group, send an email to:
wellylug-unsubscribe at egroups.com
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
More information about the wellylug
mailing list