On Thu, Aug 20, 2009 at 11:03:25AM +1000, Voytek Eymont wrote: > > On Thu, August 20, 2009 10:37 am, Matthew Hannigan wrote: > > On Wed, Aug 19, 2009 at 11:18:48AM +1000, Daniel Pittman wrote: > > >>> /etc/sysconfig/iptables > >>> > >> > >> Hmmmm. Does it have the nf_nat_ftp and nf_conntrack_ftp modules > >> loaded, too? > > > Look in /etc/sysconfig/iptables-config for that. > > Matt, > thanks, no modules specfied > > so I should add IPTABLES_MODULES="nf_nat_ftp nf_conntrack_ftp"
yes, I think so, but if you use the gui and tick ftp it will do the needful for you. > > > Bottom line, ftp is a pretty firewall un-friendly protocol. > > I'd recommend sftp (i.e. the module/feature of ssh) instead. > > but, if command line ftp client works with no issues, doesn't that exclude > firewall on the server ? Maybe. Is the command line client ftp being done from the same machine? It also depends on whether it's using passive or not. The default might change from gui to cli - and even version to version each other. -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
