RE: bridging firewall => proftpd issue.

From: Wolfpaw - Dale Corse (admin-lists_at_wolfpaw.net)
Date: 07/20/04

    To: "'CPU Customer Support'" <support@cpu-net.com>, <freebsd-isp@freebsd.org>
    Date: Tue, 20 Jul 2004 12:50:03 -0600
    
    

    Has he tried using PASV? The port is coming from 192.168.100.3 .. Not
    from his real IP. Likely he has some kind of firewall now.. And that
    is causing the issue. I don't think it's your end.. Bridges don't change
    the IP address (unless you're using NAT).. So it wouldn't likely be you.

    D.
    --------------------------------
    Dale Corse
    System Administrator
    Wolfpaw Services Inc.
    http://www.wolfpaw.net
    (780) 474-4095

    > -----Original Message-----
    > From: owner-freebsd-isp@freebsd.org
    > [mailto:owner-freebsd-isp@freebsd.org] On Behalf Of CPU
    > Customer Support
    > Sent: Tuesday, July 20, 2004 10:07 AM
    > To: freebsd-isp@freebsd.org
    > Subject: bridging firewall => proftpd issue.
    >
    >
    > The ISP I administrate is running a full set of Red Hat 9
    > servers. (Not my choice) But, as I just took over the
    > position recently, I have been upgrading the security all
    > around. In doing this I've installed a bridging firewall
    > running FreeBSD 4.9 compiled for the security branch, and
    > IPFW. It seems that just as I installed this firewall, a
    > customer is no longer able to FTP into our main Red Hat
    > machine. The Red Hat machine is running ProFTPD 1.2.9.
    >
    > The issue:
    >
    > The user can log in and authenticate. It successfully
    > authenticates his password as it should, but then when he
    > tries to get a directory listing it bombs. It looks at first
    > like a passive/active issue, but, I've opened the appropriate
    > ports on the firewall, and even assigned the passive ports in
    > ProFTPD. He has tried passive and active modes both, with
    > the same results. Mind you all other customers do not have
    > any issues.
    >
    > Session Transcript:
    >
    > Jul 19 17:24:04 host04 proftpd[32507]: cpu-net.com (70-240-21-3.ded.swbell.net[70.240.21.3]) - FTP session opened.
    > Jul 19 17:24:04 host04 proftpd[32507]: cpu-net.com (70-240-21-3.ded.swbell.net[70.240.21.3]) - USER **usersname**: Login successful.
    > Jul 19 17:24:04 host04 proftpd[32507]: cpu-net.com (70-240-21-3.ded.swbell.net[70.240.21.3]) - Refused PORT 192,168,100,3,8,118 (address mismatch)
    > Jul 19 17:24:13 host04 proftpd[32507]: cpu-net.com (70-240-21-3.ded.swbell.net[70.240.21.3]) - FTP session closed.
    >
    > The IP range that he's coming from was just recently issued
    > by SBC recently. I've also tried opening all ports and IPs
    > to this IP address for him. To no avail.
    >
    > The customer did not have any issues prior to installing the
    > FreeBSD firewall/bridge. He was also using the current IP
    > address prior as well.
    >
    > If anyone has a figment of a clue, it would be worlds of help to me.
    >
    > Thank you,
    > Don Mohlmaster
    > CPU-NET.com, Inc. Systems Administrator.
    > _______________________________________________
    > freebsd-isp@freebsd.org mailing list
    > http://lists.freebsd.org/mailman/listinfo/freebsd-isp
    > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"



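The address mismatch discussed in this thread can be read straight out of the log: the PORT argument encodes an IPv4 address and a port as six decimal bytes (RFC 959), and here it names 192.168.100.3 while the control connection arrives from 70.240.21.3. The following is an added example, not code from the thread or from ProFTPD; the function names are hypothetical, and the sample input is the post's four log entries rejoined one per line.

```python
import ipaddress
import re

# Constructed sample: the log entries quoted in the post, one entry per line.
SAMPLE_LOG = """\
Jul 19 17:24:04 host04 proftpd[32507]: cpu-net.com (70-240-21-3.ded.swbell.net[70.240.21.3]) - FTP session opened.
Jul 19 17:24:04 host04 proftpd[32507]: cpu-net.com (70-240-21-3.ded.swbell.net[70.240.21.3]) - USER **usersname**: Login successful.
Jul 19 17:24:04 host04 proftpd[32507]: cpu-net.com (70-240-21-3.ded.swbell.net[70.240.21.3]) - Refused PORT 192,168,100,3,8,118 (address mismatch)
Jul 19 17:24:13 host04 proftpd[32507]: cpu-net.com (70-240-21-3.ded.swbell.net[70.240.21.3]) - FTP session closed.
"""

# Captures the control-connection peer address and the refused PORT argument.
REFUSED = re.compile(
    r"proftpd\[\d+\]: \S+ \([^\[\]]*\[(?P<peer>[0-9.]+)\]\) - "
    r"Refused PORT (?P<arg>\d{1,3}(?:,\d{1,3}){5}) \(address mismatch\)"
)

def decode_port_arg(arg):
    """Decode an FTP PORT argument h1,h2,h3,h4,p1,p2 into (IPv4Address, port)."""
    parts = [int(x) for x in arg.split(",")]
    if len(parts) != 6 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"malformed PORT argument: {arg!r}")
    h1, h2, h3, h4, p1, p2 = parts
    return ipaddress.IPv4Address(f"{h1}.{h2}.{h3}.{h4}"), p1 * 256 + p2

def explain_refusals(log_text):
    """Return one finding per refused PORT line, comparing it with the peer IP."""
    findings = []
    for line in log_text.splitlines():
        m = REFUSED.search(line)
        if not m:
            continue
        try:
            ip, port = decode_port_arg(m["arg"])
            peer = ipaddress.IPv4Address(m["peer"])
        except ValueError:
            continue  # skip entries with an unparsable address
        findings.append({
            "peer": str(peer),
            "port_ip": str(ip),
            "port": port,
            "mismatch": ip != peer,
            # A private PORT address from a public peer means the client sits
            # behind NAT and nothing rewrote the address in the FTP command.
            "private_behind_nat": ip.is_private and not peer.is_private,
        })
    return findings

if __name__ == "__main__":
    for finding in explain_refusals(SAMPLE_LOG):
        print(finding)
```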