bridging firewall => proftpd issue.
From: CPU Customer Support (support_at_cpu-net.com)
Date: 07/20/04
- Previous message: James Dooley: "New email address for jdooley"
- Next in thread: Wolfpaw - Dale Corse: "RE: bridging firewall => proftpd issue."
- Reply: Wolfpaw - Dale Corse: "RE: bridging firewall => proftpd issue."
- Reply: Dave Hart: "Re: bridging firewall => proftpd issue."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: <freebsd-isp@freebsd.org> Date: Tue, 20 Jul 2004 12:07:28 -0400
The isp I administrate is running a full set of Redhat 9 servers. (Not
my choice) But, as I just took over the position recently, I have been
upgrading the security all around. In doing this I've installed a
Bridging firewall running FreeBSD 4.9 compiled for the security branch,
and IPFW. It seems that just as I installed this firewall, a customer
is no longer able to ftp into our main Redhat machine. The redhat
machine is running Proftpd 1.2.9.
The issue:
The user can log in and authenticate. It successfully authenticates his
password as it should, but then when he tries to get a directory listing
it bombs. It looks at first like a passive/active issue, but, I've
opened the appropriate ports on the firewall, and even assigned the
passive ports in Proftpd. He has tried passive and active modes both,
with the same results. Mind you all other customers do not have any
issues.
Session Transcript:
Jul 19 17:24:04 host04 proftpd[32507]: cpu-net.com
(70-240-21-3.ded.swbell.net[70.240.21.3]) - FTP session opened.
Jul 19 17:24:04 host04 proftpd[32507]: cpu-net.com
(70-240-21-3.ded.swbell.net[70.240.21.3]) - USER **usersname**: Login
successful.
Jul 19 17:24:04 host04 proftpd[32507]: cpu-net.com
(70-240-21-3.ded.swbell.net[70.240.21.3]) - Refused PORT
192,168,100,3,8,118 (address mismatch)
Jul 19 17:24:13 host04 proftpd[32507]: cpu-net.com
(70-240-21-3.ded.swbell.net[70.240.21.3]) - FTP session closed.
The ip range that he's coming from was just recently issued by SBC
recently. I've also tried opening all ports and ips to this ip address
for him. To no avail.
The customer did not have any issues prior to installing the Freebsd
firewall/bridge. He was also using the current ip address prior as
well.
If anyone has a figment of a clue, it would be worlds of help to me.
Thank you,
Don Mohlmaster
CPU-NET.com, Inc. Systems Administrator.
_______________________________________________
freebsd-isp@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-isp
To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
- Previous message: James Dooley: "New email address for jdooley"
- Next in thread: Wolfpaw - Dale Corse: "RE: bridging firewall => proftpd issue."
- Reply: Wolfpaw - Dale Corse: "RE: bridging firewall => proftpd issue."
- Reply: Dave Hart: "Re: bridging firewall => proftpd issue."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
