Passive ftp mode assists the client machine in transferring data through a
packet filter firewall.
According to O'Reilly's book "Practical Unix & Internet Security":
"Packet filters do not handle the FTP protocol well because data transfers
occur over high-numbered TCP ports; however, this problem can be alleviated
by FTP clients that support the FTP passive mode."
At our firm, we had nothing but trouble with this, hence I have this item
highlighted in the book. I believe the firewall that is bundled with RHL is
a packet filter, and the solution to your problem may well be the
implementation of a proxy.
Hope that helps a little, anyway.
Beth :0)
> -----Original Message-----
> From: Doug Roberts [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, April 28, 1998 2:44 PM
> To: [EMAIL PROTECTED]
> Subject: Firewall FTP Problems
>
>
> We're running an RH linux firewall, but users are starting to complain
> about the problems using passive FTP. On large file transfers, the file
> will get to 100% or very close, and just hang. Since we're on ISDN, a 10
> meg file is a significant investment of time, and getting that far only to
> fail is getting irritating.
>
> I've looked for a definition of passive mode ftp to no avail, so
> that makes
> finding a solution that much more challenging :/
>
> Can anyone point me in the right direction? Are there known fixes? The
> mailing list archives gave me zero hits, although I continue to search
> other resources.
>
> Doug Roberts
> [EMAIL PROTECTED] http://www.headspace.com
> [EMAIL PROTECTED] http://www.rhbaby.com
>
>
> --
> PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips
> /mailing-lists
> To unsubscribe: mail [EMAIL PROTECTED] with
> "unsubscribe" as the Subject.
>
>
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
