FIAIF "breaking" WU ftp server's DIR command?
Tue Jan 7 18:52:47 CET 2003
Thanks very much for your info on the ip_conntrack and ip_nat_ftp modules.
Your advice solved my problem right away.
On 1/7/03 11:14 AM, "Paul Bijnens" <paul.bijnens at xplanation.com> wrote:
> Benton Roberts wrote:
>> Hello, all.
>> I have been using FIAIF v.1.2.1-1 on RedHat 7.3 for awhile now, and have
>> been quite happy with it. However, I recently installed wu-ftpd (on the same
>> computer as FIAIF), and discovered a problem with any ftp clients in the
>> 'EXT' zone. Specifically, they can't use the 'DIR' command to list the files
>> on the ftp server. The ftp clients can log in, and can 'CD' to a directory,
>> but when a 'DIR' request is issued, my system logs start showing dropped
>> packet log entries like the following:
>> Jan 7 10:34:16 myhostname kernel: DROP:IN=eth0 OUT=
>> MAC=00:90:27:de:27:0f:00:e0:1e:5d:f7:7c:08:00 SRC=22.214.171.124
>> DST=<my.host.ip.address> LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=47731 DF
>> PROTO=TCP SPT=4719 DPT=44609 WINDOW=32768 RES=0x00 SYN URGP=0
> You should load the ip_conntrack_ftp kernel module (and if you are using
> NAT, also load the ip_nat_ftp module), and then it's all handled as
> related traffic. (Well, it worked for me...)
More information about the fiaif