Linux Help
guides forums blogs
Home Desktops Distributions ISO Images Logos Newbies Reviews Software Support & Resources Linuxhelp Wiki

Welcome Guest ( Log In | Register )

Advanced DNS Management
New ZoneEdit. New Managment.


Sign Up Now
Reply to this topicStart new topic
> Ftp Problems, FTP Problems via Redhat Linux Firewall
post Oct 6 2005, 12:51 AM
Post #1

Whats this Lie-nix Thing?

Group: Members
Posts: 1
Joined: 6-October 05
Member No.: 5,602

Need help with FTP Redhat Firewall problem.
Recently a Linux guy (Now moved away) setup a Linux Redhat Firewall server connected to a Cable Modem for our Windows PC's to share Internet etc.

Now the Browsing is ok and Email is ok, but we are having problems with FTP. We can connect ok to the IP Address and the username/password verifies ok, but then we get a message saying eg:-
---------------------------------------------------------------------500 I won't open a connection to (only to
! Failed "port":
! Retrieve of folder listing failed (0)
---------------------------------------------------------------------Note:- I am on the Windows pc getting the IP Address .
Now i tried passive mode using the same ftp port 21 and same problem.
The linux guy said we have to mod the IP Tables somewhere, but he is
not exactly sure where to do it to allow us to FTP from local windows pc's.? I have included the full error message ftp log below. I found the IPTables File on the Linux box, but have no idea what to do there. Any help would be greatly appreciated.

(Full FTP Log Error).
WINSOCK.DLL: WinSock 2.0
WS_FTP LE 5.08 2000.01.13, Copyright 1992-2000 Ipswitch, Inc.
- -
connecting to
Connected to port 21
220---------- Welcome to Pure-FTPd [privsep] ----------
220-You are user number 2 of 50 allowed.
220-Local time is now 19:31. Server port: 21.
220 You will be disconnected after 15 minutes of inactivity.
USER inventco
331 User inventco OK. Password required
PASS (hidden)
230-User inventco has group access to: ftponly
230 OK. Current restricted directory is /
257 "/" is your current location
215 UNIX Type: L8
Host type (S): UNIX (standard)
227 Entering Passive Mode (216,58,174,154,111,145)
connecting to
- -
connecting to
! Connection failed - connection timed out
! connect: error 0
PORT 192,168,0,13,4,76
500 I won't open a connection to (only to
! Failed "port":
! Retrieve of folder listing failed (0)
Go to the top of the page
+Quote Post
cagey cretin
post Oct 8 2005, 07:37 AM
Post #2


Group: Members
Posts: 96
Joined: 9-September 03
Member No.: 1,413

It would help to know how your firewall is set up now, so you'll need to print it out here. You can print it (to the screen) with this command (assuming default location):

cat /etc/sysconfig/iptables

If there is a lot of data, you can print it out (to screen) thus:

cat /etc/sysconfig/iptables | more

Just press the space bar for the next 'page' or the enter key to scroll line-by-line.

If you are viewing from a telnet screen on a remote computer (ie you are not logged on directly but from another machine), you should be able to select, copy and paste the output. Right click the blue bar at the top of the windows telnet screen, then select edit mark/copy/paste.
Go to the top of the page
+Quote Post
post Oct 13 2005, 12:40 AM
Post #3

RMS is my Hero

Group: Support Specialist
Posts: 862
Joined: 18-February 04
From: Wisconsin
Member No.: 2,404

Let's try a few things.

First off, please make sure you've tried PORT mode as well, not just PASSIVE.

Also, is there a reason you're using iptables? My impression is that this is a small LAN, using a Home/Small business router. As such, you probably don't need to protect this box from computers in your LAN. If you have a router, this isn't much of a reason to use iptables for security, since the router will stop unwanted traffic from getting through.

To test this firewall w/o iptables, there are serveral options.

modprobe -r ip_tables
modprobe -r iptable_filter


/etc/init.d/iptables stop (this works with some distros)


iptables -F (warning: this will flush your iptables rules. redhat should store these rules in /etc/sysconfig/iptables, so make a backup!)

If none of that works, we have to assume it's a problem with the client machine (have you tried using any other computers in this lan to do this?), or a problem with the FTP client (I personally have had trouble with WS_FTP before; a switch to SmartFTP solved that.)

Lastly, is there a reason you're using FTP? Unencrypted passwords, and all that... WinSCP might be a better option for you.

And since it works off port 22, if you can SSH in without problems, you can use SCP.

*Points finger at the author above him* They're a witch! Burn them!
Vist my website!
Join me in IRC! Server: Channel: #UnhandledExceptions
Go to the top of the page
+Quote Post

Reply to this topicStart new topic
2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)
0 Members:


RSS Lo-Fi Version Time is now: 19th March 2018 - 06:01 AM