FedoraThis forum is for the discussion of the Fedora Project.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Sorry, to double-post, but I thought I might be more likely to get help here than in Linux-Security, where I first posted this question.
Quote:
Originally Posted by belliott4488
I'm running Fedora Core 3, including SELinux. Today I attempted to upload some files to a web server for the first time, but I couldn't quite do it.
(Actually, my 'put' command seemed to succeed in blowing away the file I was trying to upate, since the web site I'd just agreed to try and maintain for someone stopped responding - I was updating the index.html file. I had to boot up my Win2K machine just to do the ftp.)
I can establish the connection and log on, but any command that uses the data port seems to fail. Here's a simple example session:
Code:
[bruce@localhost ~]$ ftp -d users.XXXX.net
Connected to users.XXXX.net.
220 www2.XXXX.net FTP server (Version wu-2.8.0-prerelease(1) Tue Dec 6 22:11:18 PST 2005) ready.
---> AUTH GSSAPI
500 AUTH command not supported.
---> AUTH KERBEROS_V4
500 AUTH command not supported.
KERBEROS_V4 rejected as an authentication type
Name (users.megapathdsl.net:bruce): ZZZZZZ
---> USER ZZZZZZ
331 Password required for ZZZZZZ.
Password:
---> PASS XXXX
230 User ZZZZZZ logged in.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PASV
227 Entering Passive Mode (XX,80,60,21,108,140)
receive aborted
waiting for remote to finish abort
ftp>
(I've x'd out the server and username.)
The session just hangs after the "Entering Passive Mode ..." message. If I wait long enough, it just times out; this time I CTRL-C'd out of it. I get the same response if I do a "put" or a "get".
I was able to ftp successfully from the same machine after I rebooted in Win2K, so I'm guessing this has something to do with the firewall on the Linux side.
What should I do?
thanks,
Bruce
Last edited by belliott4488; 01-23-2006 at 06:30 PM.
Did you also use the passive mode under w2k? If yes, then your firewall (and/or NAT) is causing problems.
You need to have the ftp conntrack for iptables.
And I bet XXX= mega...
Don't double post, the correct place for this thread would have been network as ftp is not linked to fedora and there is no security issue.
Sorry about the incorrect posting, but I wasn't sure where to post since I wasn't sure what the problem was, e.g. if Fedora has a unique way of configuring its firewall or something.
I've found out that the server I was trying to connect to doesn't allow passive mode transfers, so I think the problem is with my firewall, i.e. if I have to use active ftp, it has to allow the remote server to connect to my data port.
Are firewall questions security-related or network-related? I'd like to carry on this thread in the appropriate forum, I'm just confused ...
And BTW ... how did you guess that domain name? Are they big in the hosting world? I'm new to all this and hadn't even heard of them before.
Are firewall questions security-related or network-related? I'd like to carry on this thread in the appropriate forum, I'm just confused ...
And BTW ... how did you guess that domain name? Are they big in the hosting world? I'm new to all this and hadn't even heard of them before.
thanks,
Bruce
227 Entering Passive Mode (XX,80,60,21,108,140)
Here is the IP adress you could edit your post to remove it.
Well, for me firewall not working fall under network configuration but I'm not maintainer of the website , you can put them in one of them (not both eheh)
Anyway, you seem to know how active/passive command/data port in ftp work. If you also know how iptables works , grep google or linuxquestions for ftp conntrack, it is was you need.
Here is the IP adress you could edit your post to remove it.
Well, for me firewall not working fall under network configuration but I'm not maintainer of the website , you can put them in one of them (not both eheh)
Anyway, you seem to know how active/passive command/data port in ftp work. If you also know how iptables works , grep google or linuxquestions for ftp conntrack, it is was you need.
duh ... yeah, IP address, huh. thanks.
And actually, my problem turned out to be good ol' user error. I has assumed that since my ftp client reported that is was entering passive mode, that it had been in active mode before that. Not so. When I explicitly disable passive mode (by typing "passive") I can connect just fine. No firewall problem.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.