Red Hat Topics - Firewall trouble.

Author

Firewall trouble.

Mark Healey

2004-10-06, 8:45 pm

I went to FTP some file from another machine and ran into a problem I
had before with redhat 9.

It had something to do with two modes of FTP traffic and an entry that
had to be made manually in a configuration file.

Anyway, what happens is that I ftp to a host and login. When I ls I get
a connection refused message.

Paul Lutus

2004-10-06, 8:45 pm

Mark Healey wrote:

> I went to FTP some file from another machine and ran into a problem I
> had before with redhat 9.
>
> It had something to do with two modes of FTP traffic and an entry that
> had to be made manually in a configuration file.
>
> Anyway, what happens is that I ftp to a host and login. When I ls I get
> a connection refused message.

For FTP, you must open two ports, 20 and 21. Refer to your firewall's
documentation, which you do not identify, on your distribution, which you
do not identify.

--
Paul Lutus
http://www.arachnoid.com

Mark Healey

2004-10-07, 2:45 am

On Thu, 7 Oct 2004 02:32:24 UTC, Paul Lutus <nospam@nosite.zzz> wrote:

> Mark Healey wrote:
>
>
> For FTP, you must open two ports, 20 and 21. Refer to your firewall's
> documentation, which you do not identify, on your distribution, which you
> do not identify.

Sorry, It is Fedora2 using (I believe) iptables. I did man iptables
and it doesn't tell me where the files are stored, at least in
language I can understand.

--
Mark Heaely
marknews(at)healeyonline(dot)com

Paul Lutus

2004-10-07, 2:45 am

Mark Healey wrote:

/ ...

>
> Sorry, It is Fedora2 using (I believe) iptables. I did man iptables
> and it doesn't tell me where the files are stored, at least in
> language I can understand.

Why not use the GUI configuration tool instead of trying to sort it out
yourself? I ask this because you may not be quite ready to
hand-edit /etc/sysconfig/iptables and restart the service.

The configuration tool on FC2 is named "system-config-securitylevel". It is
listed as "security level" in the system settings menu under KDE. You can
run it from a shell:

$ system-config-securitylevel

--
Paul Lutus
http://www.arachnoid.com

Mark Healey

2004-10-07, 5:45 pm

On Thu, 07 Oct 2004 00:35:16 -0700, Paul Lutus wrote:

> Mark Healey wrote:
>
> / ...
>
>
> Why not use the GUI configuration tool instead of trying to sort it out
> yourself?

Because it doesn't work. I have FTP checked and I still get connection
refused messages when I try to ls a remote computer.

I ask this because you may not be quite ready to
> hand-edit /etc/sysconfig/iptables and restart the service.

It looks like I'm going to have to.

> The configuration tool on FC2 is named "system-config-securitylevel". It is
> listed as "security level" in the system settings menu under KDE. You can
> run it from a shell:

I'm running Gnome and found it but it doesn't work.

-
Mark Healey
marknews(at thingy)healeyonline.com

Paul Lutus

2004-10-07, 5:45 pm

Mark Healey wrote:

> On Thu, 07 Oct 2004 00:35:16 -0700, Paul Lutus wrote:
>
>
> Because it doesn't work. I have FTP checked and I still get connection
> refused messages when I try to ls a remote computer.

Maybe the connection was refused *there*. Did you check the remote firewall?
With that error message, the problem is more likely to be on the server,
not the client.

--
Paul Lutus
http://www.arachnoid.com

Mark Healey

2004-10-07, 5:45 pm

On Thu, 07 Oct 2004 15:39:30 -0700, Paul Lutus wrote:

> Mark Healey wrote:
>
>
> Maybe the connection was refused *there*. Did you check the remote firewall?
> With that error message, the problem is more likely to be on the server,
> not the client.

Yes, I tried different servers with the same results and I booted into
OS/2 and tried and had no problems.

Like I said, I had this problem last time I tried linux (redhad 9) and had
to manually edit iptables. The problem is that the documentation, like
all linux docs, is terribly written.

-
Mark Healey
marknews(at thingy)healeyonline.com