Sylvester wrote: > He never mentioned if it was susefirewall. Anyway, those are inbound;
If someone didn't mention the type of his firewall, it's IMO best choice to assume he's using SUSEFirewall, at least while he's posted to the opensuse mailing list. > When the client sends "PASV", the server responds by opening a random > (or configured by PassivePorts) port. Referring to this port as "$P". > The server then sends "PORT $P" back to client, which then connects to > the server on port $P. > That is passive mode as far as I understand. It's still doesn't change the fact that it can be solved on SeSEfirewall like this: /etc/sysconfig/SuSEfirewall2 # Enter all ports or known portnames below, seperated by a space. # TCP services (e.g. SMTP, WWW) must be set in FW_SERVICES_*_TCP, and # UDP services (e.g. syslog) must be set in FW_SERVICES_*_UDP. # e.g. if a webserver on the firewall should be accessible from the internet: # FW_SERVICES_EXT_TCP="www" # e.g. if the firewall should receive syslog messages from the dmz: # FW_SERVICES_DMZ_UDP="syslog" # For IP protocols (like GRE for PPTP, or OSPF for routing) you need to set # FW_SERVICES_*_IP with the protocol name or number (see /etc/protocols) # # Format: space separated list of ports, port ranges or well known # service names (see /etc/services) # # Examples: "ssh", "123 514", "3200:3299", "ftp 22 telnet 512:514" # FW_SERVICES_EXT_TCP="ftp" Cheers Jan -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
