Re: [Masq] ip_masq_ftp module does not work

Daniell Freed Thu, 21 Dec 2000 06:32:09 -0800
/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! 
/* ALSO: Don't quote this header. It makes you look lame :-) */


I too am having a similar problem.  My ftp connection doesn't hang, but
I do get the error "Data connection refused" or something of the sort.
Basically, the syn packet is recieved one of my input rules ( ipchains -A
input -p TCP -i $externalinterface -s 0/0 -d 0/0 -y -l -j REJECT) which
bocks any connection requests (ie any SYN packets that are incoming) bocks
the packet and logs the attempt.  The only work around I currently have is
to not include this rule in my firewall, but that isn't a very good option
because now I don't get the extra security that this rule offers.

Any help would be appreciated.

Daniell Freed


Jan Stifter wrote:

> /* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
> /* ALSO: Don't quote this header. It makes you look lame :-) */
>
> hello all,
>
> even though i modprobe the ip_masq_ftp module and lsmod shows me the
> ip_masq_ftp module, i can not get a data channel to an ftp server. as
> soon as i type ls, the connection hangs.
>
> my kernel is a clean 2.2.17, ip_masq_ftp.c shows
>  * Version:     @(#)ip_masq_ftp.c 0.10   20/09/00
>
> (i have patched it, original module is 0.04)
>
> i have nothing wrong in the log. when i am trying to initiate a data
> connection, the server sends me a SYN packet to a masqueraded port
> somewhere around 62000, which gets REJECTED (because the ip_masq_ftp
> module does not work, or because i am too stupid to make it work).
>
> any hints are greatly appreciated
>
> jan
>
> ---
> Jan Stifter
> http://www.medres.ch/~jstifter/
>
> _______________________________________________
> Masq maillist  -  [EMAIL PROTECTED]
> Admin requests can be handled at http://www.indyramp.com/masq-list/ --
> THIS INCLUDES UNSUBSCRIBING!
> or email to [EMAIL PROTECTED]
>
> PLEASE read the HOWTO and search the archives before posting.
> You can start your search at http://www.indyramp.com/masq/
> Please keep general linux/unix/pc/internet questions off the list.

--
Daniell Freed
Computer Services
Dewitt, Ross, & Stevens S.C.

He who fights with monsters might take care
lest he thereby become a monster.
And if you gaze for long into an abyss,
the abyss gazes also into you.

Beyond Good and Evil
Friedrich Wilhelm Nietzche

_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- 
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]

PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
Re: [Masq] ip_masq_ftp module does not work

Reply via email to
