On Mon, May 20, 2002 at 04:52:53PM -0300, Fabiano Pacheco wrote:
> Hi All,
>
> Does anybody know why, when I try to FTP anywhere, logging on my FW, I saw a packet
> coming from port 20 (remote) to a random port on my FW....
>
> But there is something very strange occurring.....I can authenticate on FTP
> Server....but when I try to get a list (ls or dir or something else.....) simply the
> server gives me a packet on a random port....so my FW blocks!!!
>
> Is it right or not? If right, what do I have to do on my fw to permit this packet
> traffic?

Fabiano,

This is normal FTP behaviour. FTP operates on 2 ports, port 21 for control
info, like authentication, and port 20, by default, for the actual data, like
'ls', 'dir', or an actual file transfer. To get around this, you have to set
the passive mode:

ftp> ?
Commands may be abbreviated.  Commands are:

!               debug           mdir            qc              send
$               dir             mget            sendport        site
account         disconnect      mkdir           put             size
append          exit            mls             pwd             status
ascii           form            mode            quit            struct
bell            get             modtime         quote           system
binary          glob            mput            recv            sunique
bye             hash            newer           reget           tenex
case            help            nmap            rstatus         tick
cd              idle            nlist           rhelp           trace
cdup            image           ntrans          rename          type
chmod           lcd             open            reset           user
close           ls              prompt          restart         umask
cr              macdef          passive         rmdir           verbose
delete          mdelete         proxy           runique         ?
ftp> passive
Passive mode on.
ftp>

This will actually send the data back along the port 21 connection, and, since
your firewall will not see an outside-originating connection, you will get the
data back to your system.

Tim

--
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
>> Tim Sailer (at home)             ><  Coastal Internet,Inc.          <<
>> Network and Systems Operations   ><  PO Box 671                     <<
>> http://www.buoy.com              ><  Ridge, NY 11961                <<
>> [EMAIL PROTECTED][EMAIL PROTECTED] >< (631)924-3728 (888) 924-3728  <<
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>><<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
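
An added example, not part of the original thread: a small decoder for the RFC 959 control-channel lines (the client's PORT command and the server's 227 reply) that reports which side opens the data connection a firewall will see. The addresses, sample lines and the names parse_hostport and data_connection are constructed for illustration.

```python
import re

# RFC 959 host-port argument: h1,h2,h3,h4,p1,p2 (six decimal bytes).
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def parse_hostport(text):
    """Decode 'h1,h2,h3,h4,p1,p2' into (dotted_ip, tcp_port)."""
    m = _HOSTPORT.search(text)
    if m is None:
        raise ValueError("no host-port argument in %r" % text)
    b = [int(g) for g in m.groups()]
    if max(b) > 255:
        raise ValueError("byte out of range in %r" % text)
    return ".".join(str(x) for x in b[:4]), b[4] * 256 + b[5]

def data_connection(control_line, client_ip, server_ip):
    """Describe the data connection a control-channel line sets up, or None."""
    line = control_line.strip()
    if line.upper().startswith("PORT "):
        # Active mode: the client advertises where it listens, then the
        # server connects in from its data port (20 by default).
        ip, port = parse_hostport(line[5:])
        return {"mode": "active", "initiator": server_ip, "dst": ip,
                "dst_port": port, "inbound_to_client": True,
                "addr_is_peer": ip == client_ip}
    if line.startswith("227"):
        # Passive mode: the server advertises where it listens, then the
        # client opens a second outbound connection to that port.
        ip, port = parse_hostport(line[3:])
        return {"mode": "passive", "initiator": client_ip, "dst": ip,
                "dst_port": port, "inbound_to_client": False,
                "addr_is_peer": ip == server_ip}
    return None  # not a line that negotiates a data connection

# Constructed control-channel lines (documentation addresses, not real hosts).
CLIENT, SERVER = "192.0.2.10", "198.51.100.5"
SAMPLE = [
    "USER anonymous",
    "PORT 192,0,2,10,195,80",
    "227 Entering Passive Mode (198,51,100,5,234,96)",
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(entry, "->", data_connection(entry, CLIENT, SERVER))
```

The addr_is_peer field flags an advertised address that differs from the control-connection peer, which a stateful FTP helper would want to check before opening the matching port.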