03-15-2005
Accessing an FTP Server hosted on Linux
We have set up an FTP server on a Linux machine, which sits behind a firewall. Most users outside our firewall can access it, but one user in particular cannot. I assume it has something to do with their firewall rules. It appears that they can connect with no problem but the server does not grant full access for long, as there appears to be a failure in staying connected to the port, e.g. an extract from the log:
WINSOCK.DLL: WinSock 2.0
WS_FTP Pro, Version 7.0, 2001.06.07
Connecting to XX.XX.XXX.XXX:XX
Connected to XX.XX.XXX.XXX:XX in 0.430, Waiting for Server Response
220 localhost.localdomain FTP server (Version wu-2.6.2-12) ready.
Host type (1): Automatic detect
USER username
331 Password required for username.
PASS (hidden)
230 User username logged in. Access restrictions apply.
SYST
215 UNIX Type: L8
Host type (2): UNIX (standard)
PWD
257 "/" is current directory.
TYPE A
200 Type set to A.
PORT 192,168,0,41,7,220
connection reset; the server has reset the connection for some unkown reason.
Port failed
PASV
connection reset; the server has reset the connection for some unkown reason.
It appears that the connection is dead. Attempting reconnect...
==========================================================
and tries to connect again with the end result:
connection reset; the server has reset the connection for some unkown reason.
==========================================================
They are using a NAT (Network Address Translation) security method with their firewall; maybe this is overriding the firewall rules? Has anyone seen this before?
Thanks
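An added example, not part of the original post: the PORT argument in the log decodes to 192.168.0.41:2012, an RFC 1918 address that a server outside the client's NAT cannot connect back to unless the NAT device rewrites it. The script below decodes PORT commands and 227 passive replies from a session log and flags private addresses; the sample log and the 227 line are constructed, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample in the style of the client log above. The PORT line is
# the one from the post; the 227 reply is invented (documentation address).
SAMPLE_LOG = """\
TYPE A
200 Type set to A.
PORT 192,168,0,41,7,220
Port failed
PASV
227 Entering Passive Mode (203,0,113,10,195,80)
"""

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# h1,h2,h3,h4,p1,p2 tuple used by PORT arguments and 227 replies (RFC 959)
HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def decode_hostport(text):
    """Return (IPv4Address, port) for the first h1..p2 tuple in text, else None."""
    m = HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ipaddress.IPv4Address(".".join(map(str, nums[:4]))), nums[4] * 256 + nums[5]

def audit_session(log):
    """List the data-channel endpoints announced in a session log."""
    findings = []
    for line in (l.strip() for l in log.splitlines()):
        if line.upper().startswith("PORT "):
            mode = "active"    # client asks the server to connect back to it
        elif line.startswith("227 "):
            mode = "passive"   # server tells the client where to connect
        else:
            continue
        decoded = decode_hostport(line)
        if decoded is None:    # e.g. the "Port failed" status line
            continue
        addr, port = decoded
        findings.append({"mode": mode, "address": str(addr), "port": port,
                         "rfc1918": any(addr in net for net in RFC1918)})
    return findings

if __name__ == "__main__":
    for f in audit_session(SAMPLE_LOG):
        reach = "private, unreachable across NAT" if f["rfc1918"] else "routable"
        print(f"{f['mode']}: {f['address']}:{f['port']} ({reach})")
```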
PYROMAN(8) System Manager's Manual PYROMAN(8)
NAME
pyroman - a firewall configuration utility
SYNOPSIS
pyroman
[ -hvnspP ] [ -r RULESDIR ] [ -t SECONDS ]
[ --help ] [ --version ] [ --safe ] [ --no-act ]
[ --print ] [ --print-verbose ] [ --rules=RULESDIR ]
[ --timeout=SECONDS ] [ safe ]
DESCRIPTION
pyroman is a firewall configuration utility.
It will compile a set of configuration files to iptables statements to setup IP packet filtering for you.
While it is not necessary for operating and using Pyroman, you should have understood how IP, TCP, UDP, ICMP and the other commonly used
Internet protocols work and interact. You should also have understood the basics of iptables in order to make use of the full
functionality.
pyroman does not try to hide all the iptables complexity from you, but tries to provide you with a convenient way of managing a complex
network's firewall. For this it offers a compact syntax to add new firewall rules, while still exposing access to add arbitrary iptables
rules.
OPTIONS
-r RULESDIR, --rules=RULESDIR
Load the rules from directory RULESDIR instead of the default directory (usually /etc/pyroman )
-t SECONDS, --timeout=SECONDS
Wait SECONDS seconds after applying the changes for the user to type OK to confirm he can still access the firewall. This implies
--safe but allows you to use a different timeout.
-h, --help
Print a summary of the command line options and exit.
-V, --version
Print the version number of pyroman and exit.
-s, --safe, safe
When the firewall was committed, wait 30 seconds for the user to type OK to confirm that he can still access the firewall (i.e. the
network connection wasn't blocked by the firewall). Otherwise, the firewall changes will be undone, and the firewall will be
restored to the previous state. Use the --timeout=SECONDS option to change the timeout.
-n, --no-act
Don't actually run iptables. This can be used to check if pyroman accepts the configuration files.
-p, --print
Instead of running iptables, output the generated rules.
-P, --print-verbose
Instead of running iptables, output the generated rules. Each statement will have one comment line explaining how this rule was
generated. This will usually include the filename and line number, and is useful for debugging.
CONFIGURATION
Configuration of pyroman consists of a number of files in the directory /etc/pyroman. These files are in python syntax, although you do
not need to be a python programmer to use these rules. There is only a small number of statements you need to know:
add_host
Define a new host or network
add_interface
Define a new interface (group)
add_service
Add a new service alias (note that you can always use e.g. www/tcp to reference the www tcp service as defined in /etc/services)
add_nat
Define a new NAT (Network Address Translation) rule
allow Allow a service, client, server combination
reject Reject access for this service, client, server combination
drop Drop packets for this service, client, server combination
add_rule
Add a rule for this service, client, server and target combination
iptables
Add an arbitrary iptables statement to be executed at beginning
iptables_end
Add an arbitrary iptables statement to be executed at the end
Detailed parameters for these functions can be looked up by calling
cd /usr/share/pyroman
pydoc ./commands.py
BUGS
None known as of pyroman-0.4 release
AUTHOR
pyroman was written by Erich Schubert <erich@debian.org>
SEE ALSO
iptables(8), iptables-restore(8), iptables-load(8)
PYROMAN(8)