Re: ipfilter (ipf) and active FTP clients

Brian McEntire · ‎08-21-2003

Can someone recommend rules to allow active FTP to succeed on an HP-UX 11i server?

I've already set:

pass out quick proto tcp from any to any keep state

But that only allows passive FTP. I have scripts that need active FTP.

Steven E. Protter · ‎08-21-2003

How does this work?

pass in quick tun0 proto tcp from any to port = 21
pass out quick on tun0 proto tcp from = 21 to any

I'm a novice with ip filter, but have a few good manuals around.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Brian McEntire · ‎08-21-2003

The problem seems to be with port 20 (ftp-data) on the remote end trying to open a connection back the host running the active FTP client and ipfilter.

When I FTP to a remote site, I can connect and authenticate fine. Then I type 'ls' and the FTP session just hangs.

ipmon on running on the same host as the active ftp client says it blocked this:

21/08/2003 18:26:55.118716 lan0 @0:15 b ,20 -> ,49460 PR tcp len 20 60 -S IN

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: ipfilter (ipf) and active FTP clients

ipfilter (ipf) and active FTP clients

Re: ipfilter (ipf) and active FTP clients

Re: ipfilter (ipf) and active FTP clients