[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Re: Newbie Q about webaliser :)
- Subject: Re: [cobalt-users] Re: Newbie Q about webaliser :)
- From: Jeff Lasman <blists@xxxxxxxxxxxxx>
- Date: Fri Jan 2 05:37:05 2004
- Organization: nobaloney.net
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
On Thursday 01 January 2004 04:01 pm, paul wrote:
> When I try to ftp into the box, it recognises the ip change and
> changes the ip that it tries to connect with to the local ip, so I
> guess that's why I cant ftp into the box.Strangely enough it does
> connect, but cant receive the listing - I think I can see why now!
If I'm recalling correctly this is because you're attempting to use a
passive ftp connection. Passive ftp uses a non-privileged high port.
Since your non-privileged high ports are blocked by the firewall, you
can connect through 21 (which you've unblocked) but not through the
non-privileged high port, which is blocked.
You probably don't want to open all your high ports through the
firewall; the other option is to tell proftpd which ports you do want
to use (we open one port for every ten clients on the box, minimum 10),
and then open those ports in the firewall. Instructions for the
proftpd daemon are on their website, instructions for your firewall,
should come from the firewall manufacturer.
Alternatively you can just set your ftp client to NOT use passive ftp.
Jeff
--
Jeff Lasman, nobaloney.net, P. O. Box 52672, Riverside, CA 92517 US
Professional Internet Services & Support / Consulting / Colocation
Our blists address used on lists is for list email only
Phone +1 909 324-9706, or see: "http://www.nobaloney.net/contactus.html";