FTP-SSL explicit

Linux Netfilter discussions
 help / color / mirror / Atom feed

* FTP-SSL explicit
@ 2004-08-09 20:27 Patrick Ahler
  2004-08-09 20:32 ` Antony Stone
  2004-08-22 21:24 ` gadgeteer
  0 siblings, 2 replies; 3+ messages in thread
From: Patrick Ahler @ 2004-08-09 20:27 UTC (permalink / raw)
  To: netfilter

Does anyone know off hand which ports I need to open on my
gateway/firewall for ftp over ssl (explicit) besides port 990???


Patrick Ahler
Systems Administrator


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: FTP-SSL explicit
  2004-08-09 20:27 FTP-SSL explicit Patrick Ahler
@ 2004-08-09 20:32 ` Antony Stone
  2004-08-22 21:24 ` gadgeteer
  1 sibling, 0 replies; 3+ messages in thread
From: Antony Stone @ 2004-08-09 20:32 UTC (permalink / raw)
  To: netfilter

On Monday 09 August 2004 9:27 pm, Patrick Ahler wrote:

> Does anyone know off hand which ports I need to open on my
> gateway/firewall for ftp over ssl (explicit) besides port 990???

I don't know, but I know how you can find out.

Add a LOG rule at the end of your FORWARD chain (just before the packets get 
DROPped), and see what's trying to get between client & server.

That'll tell you what you need to add as an ACCEPT rule.

Regards,

Antony.

-- 
Wanted: telepath.   You know where to apply.

                                                     Please reply to the list;
                                                           please don't CC me.

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: FTP-SSL explicit
  2004-08-09 20:27 FTP-SSL explicit Patrick Ahler
  2004-08-09 20:32 ` Antony Stone
@ 2004-08-22 21:24 ` gadgeteer
  1 sibling, 0 replies; 3+ messages in thread
From: gadgeteer @ 2004-08-22 21:24 UTC (permalink / raw)
  To: netfilter

On Mon, Aug 09, 2004 at 04:27:03PM -0400, Patrick Ahler (patrick@vikus.com) wrote:
> Does anyone know off hand which ports I need to open on my
> gateway/firewall for ftp over ssl (explicit) besides port 990???

ftp_tls explicit?  Is this something new?  In setting up our
implementation last spring I saw no mention of "explicit" in any of the
specification documents.

[a bit of googling]

ah... I see.  You will have to consult your software vendor as this
implicit/explicit distinction falls outside of the ftp_tls
specification.

Have fun,
-- 
Chief Gadgeteer
Elegant Innovations

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2004-08-22 21:24 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-08-09 20:27 FTP-SSL explicit Patrick Ahler
2004-08-09 20:32 ` Antony Stone
2004-08-22 21:24 ` gadgeteer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox