It is because your firewall is not allowing the higher port which is needed for the FTP data connection. During directory listing you may see the message "opening data connection for directory listing" - but it fails due to the firewall configuration. Change the firewall option of blocking ports and it will be solved.

===============example =============
connecting to 192.168.1.200:21
Connected to 192.168.1.200 port 21
220 ready, dude (vsFTPd 1.1.0: beat me, break me)
USER koushik
331 Please specify the password.
PASS (hidden)
230 Login successful. Have fun.
CWD /Ipswitch/Product_Downloads
550 Failed to change directory.
PWD
257 "/home/koushik"
SYST
215 UNIX Type: L8
Host type (S): UNIX (standard)
PASV
227 Entering Passive Mode (192,168,1,200,96,64)
connecting to 192.168.1.200:24640
- -
connecting to 192.168.1.200:24640
Connected to 192.168.1.200 port 24640
LIST
150 Here comes the directory listing.
Received 8771 bytes in 1.0 secs, (86.65 Kbps), transfer succeeded
226 Directory send OK.
=================================

Mani wrote:
> I recently replaced a Netgear firewall/router with a RH 9 box running
> IPTABLE's. I configured iptables for NAT/MASQ using webmin. The
> configuration works perfectly fine except for one small problem; LAN users
> are able to connect to ftp server, but they cannot get a directory list
> from the ftp server. They get an ILLEGAL port command (502), Cannot build
> data connection: connection refused.
>
> I have no rules set for filtering..
>
> Regards
> Mani
>
> _______________________________________________
> ilugd mailing list
> [EMAIL PROTECTED]
> http://frodo.hserus.net/mailman/listinfo/ilugd

-- 
Koushik Ghosh.
Chinsurah, Hooghly, India.
E-Mail ID: [EMAIL PROTECTED]
Home Page http://koushik.fateback.com/
GNU/Linux - Choice of the Freedom Lovers.
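
Added example, not part of the original thread: a small Python check that decodes the host-port tuple of a PASV reply or PORT command (the `96,64` in the session above is port 96*256+64 = 24640) and reports whether the announced data connection fits a firewall policy. The function names, the allowed port ranges and the sample PORT command are constructed for illustration; the address comparison assumes a server that refuses a PORT address differing from the control connection's source, which the thread does not state.

```python
import re

# Six comma-separated numbers h1,h2,h3,h4,p1,p2 (RFC 959 host-port format),
# used by both "227 Entering Passive Mode (...)" and "PORT ...".
HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

PASV_REPLY = "227 Entering Passive Mode (192,168,1,200,96,64)"  # from the session above
PORT_CMD = "PORT 192,168,0,5,4,1"  # constructed: client announcing a private LAN address


def parse_hostport(line):
    """Return (ip, port) from a PASV 227 reply or a PORT command, else None."""
    if not (line.startswith("227 ") or line.upper().startswith("PORT ")):
        return None
    m = HOSTPORT.search(line)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    ip = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]  # p1 is the high byte, p2 the low byte
    return ip, port


def check_data_channel(line, control_peer_ip, allowed_ports):
    """Say whether the data connection announced in `line` can be opened.

    control_peer_ip: address at the far end of the control connection, as seen
                     by the side that receives `line`.
    allowed_ports:   (low, high) port ranges the firewall lets through.
    """
    endpoint = parse_hostport(line)
    if endpoint is None:
        return "not a PASV reply or PORT command"
    ip, port = endpoint
    if ip != control_peer_ip:
        return f"address mismatch: {ip} announced, {control_peer_ip} seen on control connection"
    if not any(lo <= port <= hi for lo, hi in allowed_ports):
        return f"blocked: data port {port} is outside the allowed ranges"
    return f"ok: data connection to {ip}:{port}"


if __name__ == "__main__":
    # Only port 21 open: login works, LIST hangs or is refused.
    print(check_data_channel(PASV_REPLY, "192.168.1.200", [(21, 21)]))
    # High ports open as well: the listing goes through, as in the session above.
    print(check_data_channel(PASV_REPLY, "192.168.1.200", [(21, 21), (1024, 65535)]))
    # Client behind NAT, server sees the router's address (constructed, 203.0.113.7).
    print(check_data_channel(PORT_CMD, "203.0.113.7", [(21, 21), (1024, 65535)]))
```
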
