These numbers are below the 1024 port number. Does that mean that only root can bind these ports?
On Fri, Mar 12, 2010 at 2:28 PM, Sai Pullabhotla < [email protected]> wrote: > The last two numbers give the port information to the client so the > client can connect back to the server for sending/receiving data. The > actual port number is calculated using (256*n1) + n2. Of course, this > is the standard syntax defined in the FTP protocol. > > Regards, > Sai Pullabhotla > > > > > > On Fri, Mar 12, 2010 at 8:21 AM, Aidan Diffey > <[email protected]> wrote: > > Just out of interest, what do the numbers mean in the line: > > > > *227 Entering Passive Mode (10,101,64,144,173,138)* > > > > I can see the 10 101 64 144 is the IP address of the server, but what > about > > the 173, 138 numbers? > > > > On Fri, Mar 12, 2010 at 2:07 PM, Aidan Diffey > > <[email protected]>wrote: > > > >> Sorry, that IP tables entry should have been: > >> > >> > >> *DNAT tcp -- anywhere anywhere tcp > dpt:ftp > >> to:10.101.64.144:10121 > >> * > >> > >> > >> > >> On Fri, Mar 12, 2010 at 1:56 PM, Niklas Gustavsson < > [email protected]>wrote: > >> > >>> On Fri, Mar 12, 2010 at 2:46 PM, Niklas Gustavsson < > [email protected]> > >>> wrote: > >>> > In these case, are you really running behind iptables? Because, it > >>> > struck me that since you map the ports, the client will try to > connect > >>> > to the server on 10120 since that's what the server told him to do in > >>> > the response to the PASV command. He will not know to connect on port > >>> > 20. > >>> > >>> That being said, we currently support providing an "external" IP > >>> address for passive connection, for use when we're behind a NAT. But, > >>> we do not support providing an "external" port, for this kind of use. > >>> We surely could, if people are really interested in port mapping > >>> passive connections. I doubt it is that useful, but who knows :-) > >>> > >>> /niklas > >>> > >> > >> > > >
