TresCom Forums

PostPosted: Wed Dec 11, 2002 11:18 pm 
Problem: I can't upload (ftp) to a directory on the server, either in standard mode or in passive mode. Tried with IE 6, FTP Explorer, WS_FTP. My workstation (W2K) is on a LAN, the internet gateway is a Linux machine running an ipchains-based firewall. I even tried to ftp to diehard.ath.cx from the gateway computer -- nada. The only INPUT ports open on the gateway are 25 and 80. To my knowledge, the ftp client doesn't need the incoming ftp port to be open on the gateway in order to connect to external hosts. Am I wrong?


PostPosted: Thu Dec 12, 2002 4:55 am 
-=TresCom Elder=-

Joined: Tue Nov 12, 2002 7:43 am
Posts: 2009
Location: The Sovereign State of South Carolina
Troodon, your question for Sky has me wondering if you can tell me what you think is the best way to do a wireless LAN with two desktops and later, maybe a notebook or two?
So far I've discovered that my Dell's Truemobile wireless cards are actually Orinoco gold cards. Can it be as easy as downloading the proper drivers? I'm finding information, but it is coming very slowly.
Of course, as a Newbie, so far nothing seems to be easy with Linux! :wink:


PostPosted: Thu Dec 12, 2002 2:21 pm 
404 - Title not found

Joined: Mon Jul 22, 2002 1:01 pm
Posts: 89
Try to run the following two commands - the last two lines from my packetfiltering script (perhaps you have to change them b/c ipchains uses another syntax):

$IPTABLES -A INPUT -j LOG
$IPTABLES -A OUTPUT -j LOG

Afterwards try to ftp to this server again. It won't work, like before ;) But now type "dmesg" and post the logged messages... Then it will be easier to tell you which rules need to be added to your fw script.

s.

_________________
Slackware 10.0- Kernel 2.6.10-AES


Last edited by Sky on Thu Dec 12, 2002 2:41 pm, edited 1 time in total.

PostPosted: Thu Dec 12, 2002 2:28 pm 
Thanks, Sky, I'll try what you suggested.

Dan, I have no experience with wireless devices and networks, sorry I can't help.


PostPosted: Fri Dec 13, 2002 4:32 am 
Hm.. I think PASV mode is disabled on the trescom ftp server. According to the Linksys website:

- PASV mode: client connects to server for data transfer
- PORT mode: server connects to client for data transfer

and my firewall only allows PASV mode ftp transfers.


PostPosted: Fri Dec 13, 2002 1:59 pm 
404 - Title not found

Joined: Mon Jul 22, 2002 1:01 pm
Posts: 89
What did "dmesg" tell you?

s.

_________________
Slackware 10.0- Kernel 2.6.10-AES


PostPosted: Fri Dec 13, 2002 2:24 pm 
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:35536 64.231.175.154:113 L=60 S=0x00 I=6553 F=0x4000 T=54 SYN (#7)
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:35536 64.231.175.154:113 L=60 S=0x00 I=6554 F=0x4000 T=54 SYN (#7)
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:35536 64.231.175.154:113 L=60 S=0x00 I=6555 F=0x4000 T=54 SYN (#7)
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:20 64.231.175.154:1069 L=60 S=0x00 I=15372 F=0x4000 T=54 SYN (#8)
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:20 64.231.175.154:1069 L=60 S=0x00 I=15373 F=0x4000 T=54 SYN (#8)
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:20 64.231.175.154:1069 L=60 S=0x00 I=15374 F=0x4000 T=54 SYN (#8)
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:20 64.231.175.154:1069 L=60 S=0x00 I=15375 F=0x4000 T=54 SYN (#8)
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:20 64.231.175.154:1069 L=60 S=0x00 I=15376 F=0x4000 T=54 SYN (#8)
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:20 64.231.175.154:1069 L=60 S=0x00 I=15377 F=0x4000 T=54 SYN (#8)


Green is diehard.ath.cx, red is my host, bold is the port.
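
Added example, not part of the original posts: a small filter that groups ipchains "Packet log:" DENY lines by flow and labels the two patterns visible in the log above (inbound SYNs to port 113 and inbound SYNs from source port 20). The function names and the port-based labels are assumptions of this example; the sample lines are copied from the log above.

```shell
#!/bin/sh
# Summarise ipchains DENY log lines (as shown by dmesg) per flow.
# ipchains field layout: Packet log: <chain> <action> <iface> PROTO=<n> <src:port> <dst:port> ...
summarize_denies() {
    awk '
    $1 == "Packet" && $2 == "log:" && $4 == "DENY" {
        split($7, src, ":"); split($8, dst, ":")
        sport = src[2]; dport = dst[2]
        # Labels are inferred from well-known ports only (assumption).
        if ($6 == "PROTO=6" && dport == 113)
            why = "ident (auth) lookup from the server"
        else if ($6 == "PROTO=6" && sport == 20 && dport >= 1024)
            why = "active-mode FTP data connection from the server"
        else
            why = "other"
        key = $3 " " $7 " -> " $8 " : " why
        if (!(key in count)) order[++k] = key   # keep first-seen order
        count[key]++
    }
    END { for (i = 1; i <= k; i++) print count[order[i]] "x " order[i] }
    '
}

# Sample input: five of the lines posted above.
sample_log() {
    cat <<'EOF'
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:35536 64.231.175.154:113 L=60 S=0x00 I=6553 F=0x4000 T=54 SYN (#7)
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:35536 64.231.175.154:113 L=60 S=0x00 I=6554 F=0x4000 T=54 SYN (#7)
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:20 64.231.175.154:1069 L=60 S=0x00 I=15372 F=0x4000 T=54 SYN (#8)
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:20 64.231.175.154:1069 L=60 S=0x00 I=15373 F=0x4000 T=54 SYN (#8)
Packet log: input DENY ppp0 PROTO=6 217.84.190.22:20 64.231.175.154:1069 L=60 S=0x00 I=15374 F=0x4000 T=54 SYN (#8)
EOF
}

sample_log | summarize_denies
```

On a live gateway the same function can be fed with `dmesg | summarize_denies`.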


PostPosted: Sat Dec 14, 2002 11:08 am 
404 - Title not found

Joined: Mon Jul 22, 2002 1:01 pm
Posts: 89
In my firewall script I have included an option if I need ftp (normally I do not because I use ssh/scp)

Code:
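# Only add the FTP rules when the script is called as "script.sh ftp"
if [ "$1" = "ftp" ]
   then
      # Outgoing control connection: local port >= 1024 to server port 21
      $IPTABLES -A OUTPUT -p tcp --sport 1024: --dport 21 -j ACCEPT
      # Outgoing packets to the server's data port 20 (active mode)
      $IPTABLES -A OUTPUT -p tcp --sport 1024: --dport 20 -j ACCEPT
      # Accepts all inbound TCP to local ports >= 1024 (server replies and active-mode data connections)
      $IPTABLES -A INPUT -p tcp --dport 1024: -j ACCEPT
   fi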

Then I run "script.sh ftp" and ftp works ;) You just have to look for the right syntax b/c you are using ipchains..

_________________
Slackware 10.0- Kernel 2.6.10-AES
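
Added example, not from the thread or from the poster's script: the same "script.sh ftp" option written with connection tracking, so inbound packets are accepted only when they belong to, or were announced by, an FTP control connection this host opened, instead of accepting every inbound TCP packet to ports 1024 and above. It assumes iptables with the conntrack and helper matches and the CT target, and that the FTP helper module is loaded (nf_conntrack_ftp on current kernels); the function name is hypothetical, and ipchains, being stateless, has no equivalent.

```shell
#!/bin/sh
# Stateful FTP client rules (added example; names are assumptions).
IPTABLES="${IPTABLES:-iptables}"

ftp_client_rules() {
    # Attach the FTP helper to outgoing control connections so the kernel
    # reads the PORT/PASV exchange and expects the matching data connection.
    $IPTABLES -t raw -A OUTPUT -p tcp --dport 21 -j CT --helper ftp

    # Control connection: local port >= 1024 to server port 21.
    $IPTABLES -A OUTPUT -p tcp --sport 1024: --dport 21 \
        -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT

    # Inbound packets of connections that are already established.
    $IPTABLES -A INPUT -p tcp -m conntrack --ctstate ESTABLISHED -j ACCEPT

    # Inbound data connections the helper expected (active mode:
    # server port 20 to the client port announced in PORT).
    $IPTABLES -A INPUT -p tcp -m conntrack --ctstate RELATED \
        -m helper --helper ftp -j ACCEPT

    # Outbound side of data connections: replies in active mode and the
    # expected new connection in passive mode.
    $IPTABLES -A OUTPUT -p tcp -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

# Same calling convention as the script above: "script.sh ftp".
if [ "${1:-}" = "ftp" ]; then
    ftp_client_rules
fi
```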

