FIAIF "breaking" WU ftp server's DIR command?

Paul Bijnens
Tue Jan 7 17:14:28 CET 2003

Benton Roberts wrote:
> Hello, all.
> I have been using FIAIF v.1.2.1-1 on RedHat 7.3 for a while now, and have
> been quite happy with it. However, I recently installed wu-ftpd (on the same
> computer as FIAIF), and discovered a problem with any ftp clients in the
> 'EXT' zone. Specifically, they can't use the 'DIR' command to list the files
> on the ftp server. The ftp clients can log in, and can 'CD' to a directory,
> but when a 'DIR' request is issued, my system logs start showing dropped
> packet log entries like the following:
> Jan  7 10:34:16 myhostname kernel: DROP:IN=eth0 OUT=
> MAC=00:90:27:de:27:0f:00:e0:1e:5d:f7:7c:08:00 SRC=
> DST=<> LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=47731 DF
> PROTO=TCP SPT=4719 DPT=44609 WINDOW=32768 RES=0x00 SYN URGP=0

You should load the ip_conntrack_ftp kernel module (and if you are using 
NAT, also load the ip_nat_ftp module), and then it's all handled as
related traffic.  (Well, it worked for me...)

Paul Bijnens, Xplanation                            Tel  +32 16 397.511
Technologielaan 21 bus 2, B-3001 Leuven, BELGIUM    Fax  +32 16 397.512          email:  Paul.Bijnens at
* I think I've got the hang of it now:  exit, ^D, ^C, ^\, ^Z, ^Q, F6, *
* quit,  ZZ, :q, :q!,  M-Z, ^X^C,  logoff, logout, close, bye,  /bye, *
* stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt,  abort,  hangup, *
* PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e,  kill -1 $$,  shutdown, *
* kill -9 1,  Alt-F4,  Ctrl-Alt-Del,  AltGr-NumLock,  Stop-A,  ...    *
* ...  "Are you sure?"  ...   YES   ...   Phew ...   I'm out          *
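
Added example, not part of the original thread: an FTP connection-tracking helper reads the control channel for PORT commands and 227 (passive mode) replies, which announce the data-connection endpoint, so that the following SYN can be treated as related traffic. The Python sketch below decodes such an announcement and checks whether a dropped-packet log line is that data-connection SYN; the 227 reply and the SRC/DST addresses are constructed (documentation ranges), since the post does not show them.

```python
import re

# Constructed sample data (not from the original post): addresses come from
# documentation ranges because the post's SRC/DST values are not shown.
PASV_REPLY = "227 Entering Passive Mode (192,0,2,10,174,65)"
DROP_LINE = ("Jan  7 10:34:16 myhostname kernel: DROP:IN=eth0 OUT= "
             "SRC=198.51.100.7 DST=192.0.2.10 LEN=60 PROTO=TCP "
             "SPT=4719 DPT=44609 WINDOW=32768 RES=0x00 SYN URGP=0")

_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def ftp_data_endpoint(control_line):
    """Return (ip, port) announced by a PORT command or 227 reply, else None."""
    if not control_line.startswith(("227 ", "PORT ")):
        return None
    m = _HOSTPORT.search(control_line)
    if m is None:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    # FTP encodes the port as two bytes: high * 256 + low.
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def parse_drop(line):
    """Split a netfilter LOG line into KEY=VALUE fields plus bare flags."""
    fields, flags = {}, set()
    for tok in line.split("kernel:", 1)[-1].split():
        key, sep, val = tok.partition("=")
        if sep:
            fields[key.split(":")[-1]] = val  # "DROP:IN" -> "IN"
        else:
            flags.add(tok)                    # e.g. "SYN", "DF"
    return fields, flags

def is_expected_data_syn(drop_line, expectation):
    """True if the dropped packet is a TCP SYN to the announced endpoint,
    i.e. the packet an FTP helper would have classified as related."""
    fields, flags = parse_drop(drop_line)
    ip, port = expectation
    return ("SYN" in flags and fields.get("PROTO") == "TCP"
            and fields.get("DST") == ip and fields.get("DPT") == str(port))
```

A drop that matches an announced endpoint points to a missing helper module rather than unsolicited traffic.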
