Anyone else struck the problem of trying to enable FTP traffic through the
Firewall in Mac OS X 10.4 Tiger Server?

I've just installed Tiger Server on one of our G5 Xserves (Dual 2 GHz G5,
1GB RAM, 1.2TB HD) and as soon as I turn on the Firewall, FTP clients can't
connect and download files despite ticking the allow traffic for FTP Service
ports 20-21 check box.

I came across this discussion at http://discussions.info.apple.com/:

> The internal firewall settings have changed from 10.3 to 10.4.
> Here is the problem (from another thread): firewall (ipfw) is preventing ftp
> client from using a <server assigned port>. When ftp client on MacOSX connects
> to a server, a server assigns a local port number, which is in the unprivileged
> IP range. The firewall on MacOS Tiger prevents the ftp client from connecting back
> to the assigned port range. In other words, communication fails after
> initial handshake between ftp client and ftpd is complete (and this problem
> only occurs when ftp client is trying to connect to a ftp server that uses
> IP_PORTRANGE feature).
> ============================================
> The rule that was used in the 10.3 firewall was:
> ALLOW If protocol is TCP and source port is 20,21 and destination port is
> 1024-65535 and packet is incoming and packet is incoming.
> ============================================
> The client computer will need to add this rule using a program like WEBMIN or
> BRICKHOUSE, or it will be necessary to turn off the firewall whenever FTP
> facility is desired.
> 
> Unless there is a way of defeating the Host Portrange feature from the client.
> Kori

So it looks like I'm not alone.

I tried manually creating a new Advanced Rule to "ALLOW If protocol is TCP
and source port is 20,21 and destination port is 1024-65535" as mentioned
above but haven't had any success yet.

Any suggestions?

-Mart

--------------------------------------
Martin Hill
mailto:[EMAIL PROTECTED]
homepages: http://mart.ozmac.com
Mb: 0417-967-969  hm: (08)9314-5242
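
An added example, not part of the original post or the quoted Apple discussion: a small Python model of the quoted 10.3 rule (TCP, source port 20,21, destination port 1024-65535, incoming) evaluated with default deny against constructed packets, as seen by an FTP client and by an FTP server. The packet values, the names used, and the modeling of the "FTP Service ports 20-21" check box as "incoming TCP to ports 20-21" are assumptions; real ipfw evaluation also depends on rule order and state.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    proto: str
    src_port: int
    dst_port: int
    direction: str  # "in" or "out", relative to the firewalled host


@dataclass(frozen=True)
class Rule:
    proto: str
    src_ports: range
    dst_ports: range
    direction: str

    def matches(self, p: Packet) -> bool:
        return (p.proto == self.proto and p.direction == self.direction
                and p.src_port in self.src_ports
                and p.dst_port in self.dst_ports)


# The rule quoted in the post: source port 20,21 -> destination 1024-65535, incoming.
QUOTED_RULE = Rule("tcp", range(20, 22), range(1024, 65536), "in")
# Assumed model of the "FTP Service ports 20-21" check box.
SERVICE_RULE = Rule("tcp", range(1, 65536), range(20, 22), "in")

# Constructed sample packets (not captured traffic).
SAMPLES = {
    "client: active-mode data from server port 20": Packet("tcp", 20, 50312, "in"),
    "server: control connection to port 21": Packet("tcp", 51000, 21, "in"),
    "server: passive-mode data to assigned port": Packet("tcp", 51001, 49152, "in"),
    "unrelated TCP with source port 20": Packet("tcp", 20, 3306, "in"),
}


def evaluate(rules):
    """Default deny: a packet passes only if some ALLOW rule matches it."""
    return {name: any(r.matches(p) for r in rules) for name, p in SAMPLES.items()}


if __name__ == "__main__":
    for label, rules in (("service rule only", [SERVICE_RULE]),
                         ("service + quoted rule", [SERVICE_RULE, QUOTED_RULE])):
        print(label)
        for name, ok in evaluate(rules).items():
            print(f"  {'ALLOW' if ok else 'DENY '}  {name}")
```

In this model the quoted rule admits active-mode data connections arriving at a client, but it does not match a passive-mode data connection arriving at a server, because that packet's source port is the client's ephemeral port rather than 20 or 21. It also matches any incoming TCP packet whose source port is 20 or 21, so it is broader than FTP data traffic alone.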