On Tuesday 16 July 2002 17:01, you wrote: > Yes, passive mode (ie from a web browser) works fine. What I think is
ok. um, sorry I must be missing something - what exactly is wrong with passive mode again? > happening is that the "normal" ftp session starts a data channel on Port 20 > but the request comes from the "Outside" and because of masquerading fails > - hence the need for the additional module under RedHat 6.2. > > I must admit to a degree of "laziness" with regard to changing to iptables > because I had an exisitng script from another site I help with (RH 6.2) > that works fine !! > > It is likely that the user of this system will only use FTP from a browser > so I may be OK ..... oh... (you do realise you can use passive mode with command line ftp too right? after you log in type 'passive'...) > > Thanks > > Richard S > > >>> gjw49 <[EMAIL PROTECTED]> 07/16 4:56 >>> > > On Tuesday 16 July 2002 14:17, Richard Smart wrote: > > I am setting up a firewall using ipchains and RedHat 7.2 . Previously > > when doing this type of thing (RedHat 6.2 boxes) , I have had to use a > > module ftp-masq.o to allow ftp connections with masquerading. > > > > It appears that 7.2 does not have this module (built in?) but I cannot > > establish complete ftp sessions, that is I can connect, but cannot do for > > example ls to get the file list from the ftp site. > > have you tried using passive mode? > > > Running an ftp session via Web browser is fine (uses the alternative ftp > > data method, not port 20?), but a standard session (from the command > > line) does not work (unable to set up PORT). > > > > Has anyone any suggestions? > > > > Richard Smart
