Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: iptables ftp denies ls
Operating Systems Linux Red Hat iptables ftp denies ls Post 302571228 by shahdharmit on Sunday 6th of November 2011 11:27:55 PM
Old 11-07-2011
Quote:
Originally Posted by Corona688
I don't think firewall rules can cause ftp to connect but refuse ls. More likely that's a 'permission denied' on the remote end for trying to read the contents of the remote directory.
You got it right. Probably I had missed giving appropriate permissions. Followed the steps that I used to configure the server. And it's working fine now. Smilie

Thanks for taking interest. Smilie
 

7 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

iptables, ftp

I have allready opened a thread about this, but my question was really weird formed, so I'm writting it here again: I have a Network with 4 FTP Servers, then a firewall, and then a Network with clients. The clients should have access to the FTP Servers, but it should not be possible to connect... (2 Replies)
Discussion started by: sTorm
2 Replies

2. Cybersecurity

iptables: block/allow ftp

I have 2 LAN's, seperated by a firewall, running iptables on it. I want only allow ftp access from one to the other LAN. Server 1 in LAN 1 should have ftp access to Server 2 in LAN 2 Server 2 in LAN 2 should not have ftp access to Server 1 in LAN 1. Can someone tell me how to set up the... (5 Replies)
Discussion started by: sTorm
5 Replies

3. IP Networking

Ftp'ing thru a Iptables NAT Masquerade

Greetings to all. My new firewall is giving me one hell of a problem. I'm running iptables and masquerading my intranet thru NAT. But here is the problem. Whenever I try to FTP to a server outside of my lan I get a 500 illegal port error. I've come to the conclusion that NAT is... (2 Replies)
Discussion started by: phrater
2 Replies

4. Shell Programming and Scripting

Block incoming traffic FTP from internet using iptables

Hi everybody. I have the next scenary: eth0: WAN eth1: DMZ eth2: LAN I need to block all incoming trafic from the internet through my network LAN using iptables. I have squid but i need to do this using ipatbles. I have been listening about iptables -A FORDAWARD but I am stuck right... (0 Replies)
Discussion started by: edeamat
0 Replies

5. UNIX for Dummies Questions & Answers

iptables-ftp

I have set up a firewall on my centOS 5.6 box. I copied it from info I found online related to web servers. Everything seems to work fine but my ftp from my LAN. I am not able to ftp into the directories at all. I have the box set up as a test web server. Here is my iptable: I have opened ports... (7 Replies)
Discussion started by: ktb231
7 Replies

6. IP Networking

vsftp | active and passive ftp | iptables

I am using vsftp but I can't login with passive mode. I can only login with active mode. I can login with both mode when service of iptables is stop. In active mode : 20,21 must be open from server site. 1023 and over must be open at client site. In passive mode : only 21,1023 and over must be... (1 Reply)
Discussion started by: getrue
1 Replies

7. IP Networking

iptables problem with ftp

I have a pretty stock iptables script. One rule allows active ftp from an outside IP address. To troubleshoot it, I opened up ftp to all connections from the outside. When a user outside our domain connects via FTP, they are denied. If I flush the rules, the ftp takes place successfully. This... (2 Replies)
Discussion started by: bricoleur
2 Replies

LEARN ABOUT OSX

net::config

Net::Config(3pm)					 Perl Programmers Reference Guide					  Net::Config(3pm)

NAME

       Net::Config - Local configuration data for libnet

SYNOPSYS

	   use Net::Config qw(%NetConfig);

DESCRIPTION

       "Net::Config" holds configuration data for the modules in the libnet distribution. During installation you will be asked for these values.

       The configuration data is held globally in a file in the perl installation tree, but a user may override any of these values by providing
       their own. This can be done by having a ".libnetrc" file in their home directory. This file should return a reference to a HASH containing
       the keys described below.  For example

	   # .libnetrc
	   {
	       nntp_hosts => [ "my_preferred_host" ],
	       ph_hosts   => [ "my_ph_server" ],
	   }
	   __END__

METHODS

       "Net::Config" defines the following methods. They are methods as they are invoked as class methods. This is because "Net::Config" inherits
       from "Net::LocalCfg" so you can override these methods if you want.

       requires_firewall HOST
	   Attempts to determine if a given host is outside your firewall. Possible return values are.

	     -1  Cannot lookup hostname
	      0  Host is inside firewall (or there is no ftp_firewall entry)
	      1  Host is outside the firewall

	   This is done by using hostname lookup and the "local_netmask" entry in the configuration data.

NetConfig VALUES
       nntp_hosts
       snpp_hosts
       pop3_hosts
       smtp_hosts
       ph_hosts
       daytime_hosts
       time_hosts
	   Each is a reference to an array of hostnames (in order of preference), which should be used for the given protocol

       inet_domain
	   Your internet domain name

       ftp_firewall
	   If you have an FTP proxy firewall (NOT an HTTP or SOCKS firewall) then this value should be set to the firewall hostname. If your
	   firewall does not listen to port 21, then this value should be set to "hostname:port" (eg "hostname:99")

       ftp_firewall_type
	   There are many different ftp firewall products available. But unfortunately there is no standard for how to traverse a firewall.  The
	   list below shows the sequence of commands that Net::FTP will use

	     user	 Username for remote host
	     pass	 Password for remote host
	     fwuser	 Username for firewall
	     fwpass	 Password for firewall
	     remote.host The hostname of the remote ftp server

	   0   There is no firewall

	   1
		    USER user@remote.host
		    PASS pass

	   2
		    USER fwuser
		    PASS fwpass
		    USER user@remote.host
		    PASS pass

	   3
		    USER fwuser
		    PASS fwpass
		    SITE remote.site
		    USER user
		    PASS pass

	   4
		    USER fwuser
		    PASS fwpass
		    OPEN remote.site
		    USER user
		    PASS pass

	   5
		    USER user@fwuser@remote.site
		    PASS pass@fwpass

	   6
		    USER fwuser@remote.site
		    PASS fwpass
		    USER user
		    PASS pass

	   7
		    USER user@remote.host
		    PASS pass
		    AUTH fwuser
		    RESP fwpass

       ftp_ext_passive
       ftp_int_passive
	   FTP servers can work in passive or active mode. Active mode is when you want to transfer data you have to tell the server the address
	   and port to connect to.  Passive mode is when the server provide the address and port and you establish the connection.

	   With some firewalls active mode does not work as the server cannot connect to your machine (because you are behind a firewall) and the
	   firewall does not re-write the command. In this case you should set "ftp_ext_passive" to a true value.

	   Some servers are configured to only work in passive mode. If you have one of these you can force "Net::FTP" to always transfer in
	   passive mode; when not going via a firewall, by setting "ftp_int_passive" to a true value.

       local_netmask
	   A reference to a list of netmask strings in the form "134.99.4.0/24".  These are used by the "requires_firewall" function to determine
	   if a given host is inside or outside your firewall.

       The following entries are used during installation & testing on the libnet package

       test_hosts
	   If true then "make test" may attempt to connect to hosts given in the configuration.

       test_exists
	   If true then "Configure" will check each hostname given that it exists

perl v5.16.2							    2012-08-26							  Net::Config(3pm)
All times are GMT -4. The time now is 09:12 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy