LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-14-2014, 02:46 PM   #1
linustalman
LQ Guru
 
Registered: Mar 2010
Location: Ireland
Distribution: Debian 12 Bookworm
Posts: 5,854

Rep: Reputation: 479Reputation: 479Reputation: 479Reputation: 479Reputation: 479
Question Why is FTP working when it is not allowed in GUFW?


Hi.

I have a a firewall on my wireless router (standard setting). I also have GUFW enabled (no additional settings made).

Recently I used this Android app named 'Ftp Server' to copy files to my smartphone from my PC via the router.

I am curious as to why FTP is working when it is not allowed as a rule in GUFW. I presume my router firewall allows it by default.

Can someone shed some light on this?

Thanks.

Last edited by linustalman; 01-14-2014 at 02:47 PM.
 
Old 01-14-2014, 03:13 PM   #2
michaelk
Moderator
 
Registered: Aug 2002
Posts: 26,367

Rep: Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154
I assume that the smartphone is connected via wifi so it is on your internal LAN. Your router's firewall has no affect in this case. If your transferring files to the smartphone then the incoming connection is already established and so the GUFW allows it.
 
Old 01-15-2014, 10:31 AM   #3
linustalman
LQ Guru
 
Registered: Mar 2010
Location: Ireland
Distribution: Debian 12 Bookworm
Posts: 5,854

Original Poster
Rep: Reputation: 479Reputation: 479Reputation: 479Reputation: 479Reputation: 479
Question

Quote:
Originally Posted by michaelk View Post
I assume that the smartphone is connected via wifi so it is on your internal LAN. Your router's firewall has no affect in this case. If your transferring files to the smartphone then the incoming connection is already established and so the GUFW allows it.
Hi michaelk.

Yes, it's connected via wireless. Could you elaborate on 'incoming connection is already established'. Attached is a screengrab of my Gufw setup (for 'Incoming' it says 'Deny'). Also I am able to copy a file from my smartphone to my PC via Filezilla - should that be allowed?

Last edited by linustalman; 01-15-2014 at 10:32 AM.
 
Old 01-15-2014, 02:39 PM   #4
michaelk
Moderator
 
Registered: Aug 2002
Posts: 26,367

Rep: Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154
The screen shot is missing.

Basically, an established connection will allow incoming traffic from outgoing connections. For example someone might probe your computer for a ftp server. The firewall will block that but if you initiate a connection to a FTP server from the computer itself the firewall will allow that traffic back.

Is your incoming policy deny? Without seeing your rules I can not say why you can connect to the ftp server on the PC.
 
Old 01-15-2014, 03:38 PM   #5
linustalman
LQ Guru
 
Registered: Mar 2010
Location: Ireland
Distribution: Debian 12 Bookworm
Posts: 5,854

Original Poster
Rep: Reputation: 479Reputation: 479Reputation: 479Reputation: 479Reputation: 479
Quote:
Originally Posted by michaelk View Post
The screen shot is missing.

Basically, an established connection will allow incoming traffic from outgoing connections. For example someone might probe your computer for a ftp server. The firewall will block that but if you initiate a connection to a FTP server from the computer itself the firewall will allow that traffic back.

Is your incoming policy deny? Without seeing your rules I can not say why you can connect to the ftp server on the PC.
Sorry, here it is.
Attached Thumbnails
Click image for larger version

Name:	Firewall.png
Views:	26
Size:	30.7 KB
ID:	14504  
 
Old 01-15-2014, 05:44 PM   #6
michaelk
Moderator
 
Registered: Aug 2002
Posts: 26,367

Rep: Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154Reputation: 6154
It appears that the firewall should drop incoming connections.
 
Old 01-17-2014, 04:27 AM   #7
linustalman
LQ Guru
 
Registered: Mar 2010
Location: Ireland
Distribution: Debian 12 Bookworm
Posts: 5,854

Original Poster
Rep: Reputation: 479Reputation: 479Reputation: 479Reputation: 479Reputation: 479
Exclamation

Quote:
Originally Posted by michaelk View Post
It appears that the firewall should drop incoming connections.
So I should not be able to copy files from my smartphone to the PC? Do you think this a Gufw or ufw bug?

Code:
sudo ufw status verbose
Code:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip

Last edited by linustalman; 01-17-2014 at 03:01 PM.
 
  


Reply

Tags
firewall, ftp, gufw, router


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
gufw configration or firefighter with squid ganfun Linux - Networking 0 08-02-2010 08:11 AM
Add allowed IP address to FTP server anon091 Linux - Newbie 6 01-13-2010 01:48 PM
Firestarter or gufw or does it matter? lupusarcanus Linux - Security 1 12-22-2009 12:42 PM
chmod chown permissions not working operation not allowed UMG:Chicken_Soüp Slackware 1 11-06-2007 01:15 AM
Tracking user logins that was allowed and not allowed eswanepoel Linux - Security 3 08-02-2006 05:37 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 03:01 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration