Page 1 of 1

ipfilter and passive ftp

Posted: Mon Jan 14, 2008 4:04 am
by cybercow
I`m using standard ftpd from IRIX dist, altrough the active ftp seems working fine, the passive one blocs the traffic all the time.

here the piece of ipf.conf for ftp, the passive block is wrong:

Code: Select all

# active FTP
pass in quick proto tcp from any port > 1023 to 'my_server_ip_addr' port = 21 flags S  keep state
pass out quick proto tcp from any port = 20 to any port > 1023 flags S keep state

# passive FTP
pass in quick proto tcp from any to 'my_server_ip_addr' port 15000 >< 20000 flags S keep state
pass out proto tcp all keep state

Re: ipfilter and passive ftp

Posted: Tue Jan 15, 2008 12:18 pm
by mmendez
Which machine is running ipfilter? Have you tried setting up ipf to use the ftp proxy feature?