bridging firewall => proftpd issue.

Wolfpaw - Dale Corse admin-lists at wolfpaw.net
Tue Jul 20 11:30:11 PDT 2004


Has he tried using PASV? The port is coming from 192.168.100.3 .. Not
from his real IP. Likely he has some kind of firewall now.. And that
is causing the issue. I don't think it's your end.. Bridges don't change
the IP address (unless you're using NAT).. So it wouldn't likely be you.

D.
--------------------------------
Dale Corse
System Administrator
Wolfpaw Services Inc.
http://www.wolfpaw.net
(780) 474-4095

> -----Original Message-----
> From: owner-freebsd-isp at freebsd.org 
> [mailto:owner-freebsd-isp at freebsd.org] On Behalf Of CPU 
> Customer Support
> Sent: Tuesday, July 20, 2004 10:07 AM
> To: freebsd-isp at freebsd.org
> Subject: bridging firewall => proftpd issue.
> 
> 
> The ISP I administrate is running a full set of Redhat 9 
> servers.  (Not my choice)  But, as I just took over the 
> position recently, I have been upgrading the security all 
> around.  In doing this I've installed a bridging firewall 
> running FreeBSD 4.9 compiled for the security branch, and 
> IPFW.  It seems that just as I installed this firewall, a 
> customer is no longer able to FTP into our main Redhat 
> machine.  The Redhat machine is running Proftpd 1.2.9.  
>  
> The issue:
>  
> The user can log in and authenticate.  It successfully 
> authenticates his password as it should, but then when he 
> tries to get a directory listing it bombs.  It looks at first 
> like a passive/active issue, but, I've opened the appropriate 
> ports on the firewall, and even assigned the passive ports in 
> Proftpd.  He has tried passive and active modes both, with 
> the same results.  Mind you all other customers do not have 
> any issues.
>  
> Session Transcript:
>  
> Jul 19 17:24:04 host04 proftpd[32507]: cpu-net.com (70-240-21-3.ded.swbell.net[70.240.21.3]) - FTP session opened.
> Jul 19 17:24:04 host04 proftpd[32507]: cpu-net.com (70-240-21-3.ded.swbell.net[70.240.21.3]) - USER **usersname**: Login successful.
> Jul 19 17:24:04 host04 proftpd[32507]: cpu-net.com (70-240-21-3.ded.swbell.net[70.240.21.3]) - Refused PORT 192,168,100,3,8,118 (address mismatch)
> Jul 19 17:24:13 host04 proftpd[32507]: cpu-net.com (70-240-21-3.ded.swbell.net[70.240.21.3]) - FTP session closed.
>  
> The IP range that he's coming from was just recently issued 
> by SBC.  I've also tried opening all ports and IPs 
> to this IP address for him.  To no avail.
>  
> The customer did not have any issues prior to installing the 
> FreeBSD firewall/bridge.  He was also using the current IP 
> address prior as well.
>  
> If anyone has a figment of a clue, it would be worlds of help to me.
>  
> Thank you,
> Don Mohlmaster
> CPU-NET.com, Inc. Systems Administrator. 
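The refused PORT line in the quoted transcript can be decoded mechanically, which shows why the reply points at the customer's side: the advertised address is an RFC 1918 address, not the address the control connection came from. This is an added example, not part of the original messages; the function names and the second and third sample log lines are constructed for illustration.

```python
import ipaddress
import re

# Line 1 is the refusal quoted in this thread; lines 2 and 3 are constructed.
SAMPLE_LOG = """\
Jul 19 17:24:04 host04 proftpd[32507]: cpu-net.com (70-240-21-3.ded.swbell.net[70.240.21.3]) - Refused PORT 192,168,100,3,8,118 (address mismatch)
Jul 19 17:25:10 host04 proftpd[32511]: cpu-net.com (client.example.net[203.0.113.9]) - Refused PORT 198,51,100,7,4,1 (address mismatch)
Jul 19 17:26:00 host04 proftpd[32512]: cpu-net.com (client.example.net[203.0.113.9]) - FTP session opened.
"""

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

REFUSED = re.compile(
    r"\[(?P<peer>\d{1,3}(?:\.\d{1,3}){3})\]\) - Refused PORT "
    r"(?P<arg>\d{1,3}(?:,\d{1,3}){5}) \(address mismatch\)"
)


def decode_port(arg):
    """Decode an FTP PORT argument h1,h2,h3,h4,p1,p2 into (address, port)."""
    nums = [int(x) for x in arg.split(",")]
    if len(nums) != 6 or any(not 0 <= n <= 255 for n in nums):
        raise ValueError(f"malformed PORT argument: {arg!r}")
    addr = ipaddress.ip_address(".".join(str(n) for n in nums[:4]))
    return addr, nums[4] * 256 + nums[5]


def classify(line):
    """Return details for a refused PORT line, or None for any other line."""
    m = REFUSED.search(line)
    if not m:
        return None
    addr, port = decode_port(m["arg"])
    # A private advertised address means the client is behind NAT and nothing
    # on its side rewrote the PORT command; PASV avoids the problem entirely.
    private = any(addr in net for net in RFC1918)
    cause = "client-behind-nat" if private else "foreign-address"
    return {"peer": m["peer"], "advertised": str(addr),
            "port": port, "cause": cause}


def analyse(log_text):
    """Classify every refused PORT line in a block of proftpd log text."""
    return [r for r in map(classify, log_text.splitlines()) if r]


if __name__ == "__main__":
    for r in analyse(SAMPLE_LOG):
        print(f"{r['peer']} advertised {r['advertised']}:{r['port']} -> {r['cause']}")
```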


