FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 01-26-2009, 03:43 PM
happymaster23
 
Default ProFTPd under CentOS 5.2 running FTPS - iptables problem

Hello,

I am setting up ProFTPd daemon (from EPEL repository) under CentOS 5.2
and I need encrypted connection. Daemon is configured perfectly, there
is no problem - if iptables is off connection is smoothly established,
but when iptables is on, connection in FTP client ends on command LIST
without response. Last command with response (positive) is PASV.

Thank you for your replies
Martin *ťastný
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 01-26-2009, 04:48 PM
happymaster23
 
Default ProFTPd under CentOS 5.2 running FTPS - iptables problem

Thank you,

I will check it. But - is this only possible solution?

SFTP I am using only for administration purposes (yeah, it is quite
easy to set it up :-D) and it´s better for me, to make FTPS for
customers and SFTP only for me.

2009/1/26 German Andres Pulido <gpulido@gtscolombia.com>:
>> Hello,
>>
>> I am setting up ProFTPd daemon (from EPEL repository) under CentOS 5.2
>> and I need encrypted connection. Daemon is configured perfectly, there
>> is no problem - if iptables is off connection is smoothly established,
>> but when iptables is on, connection in FTP client ends on command LIST
>> without response. Last command with response (positive) is PASV.
>>
>> Thank you for your replies
>> Martin *ťastný
>> _______________________________________________
>> CentOS mailing list
>> CentOS@centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>
> Hi!
>
> The issue is probably with the way FTP is handled. I see two possible
> solutions:
>
> 1. Use the ip_conntrack_ftp module of IPtables. What this does is setting
> iptables aware that the data FTP connection should also be allowed since it's
> related to the original one on port 21. Google for more info on it (and the
> exact module name)
>
> 2. If you only need encrypted traffic, using SFTP makes sense. It only uses
> the port 22 (It's a subsystem of SSH) and its encryption is very good.
>
> Regards.
>
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 10:40 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org