two machines on the same private network.  

Connected to
220 FTP server (Version 6.00LS) ready.
Name ( 
331 Password required for username.
230 User username logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
229 Entering Extended Passive Mode (|||64341|)

at this point, there is a long delay, that eventually completes:

200 EPRT command successful.
150 Opening ASCII mode data connection for '/bin/ls'

... and the rest of the ftp session runs fast.

on the ftp server, if we "ipfw disable firewall", the ftp session runs without 

in hosts file, both machines have both of their records, so we don't think the 
delay is query for PTR of either IP.

our ipfw.rules:

# stateful
$IPF 50 check-state
$IPF 60 allow tcp  from any to any established 
$IPF 70 allow all  from any to any out keep-state
$IPF 80 allow icmp from any to any

# open well-known ports

$IPF 120 allow tcp from any to any 20 in
$IPF 121 allow tcp from any to any 20 out
$IPF 122 allow tcp from any to any 21 in
$IPF 123 allow tcp from any to any 21 out

In inetd.conf, we've added "-l -l -d" but don't get any ftpd debug info written 
to /var/log/messages or /var/log/xferlog or dmesg system buffer.

So what else is needed inf our ifpw.rules for the ftpd params to get the switch 
to Extended Passive Mode to run quickly?


IMGate OpenSource Mail Firewall

_______________________________________________ mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to