Rajendra Rait wrote:
Hi Gurus,
I am using Red Hat Linux 7.0, which acts as a proxy server (transparent Squid) and firewall server (ipchains). I use a dial-up connection. My problem is that whenever I connect to an FTP site I get this error:
~ Login completed.
PORT 10,1,11,11,8,230
< 500 Illegal PORT Command
~ Could not retrieve directory listing for "/"
Below are my firewall rules:
:input ACCEPT
:forward ACCEPT
:output ACCEPT
:pbi -
-A input -s 10.1.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 80:80 -p 6 -j REDIRECT 3128
-A input -i ppp0 -p tcp --dport 23 -j DENY
-A input -i ppp0 -p tcp --syn -j DENY
-A forward -s 10.1.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 -i ppp0 -j pbi
-A pbi -s 10.1.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 22:22 -p 6 -j MASQ
-A pbi -s 10.1.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 21:21 -p 6 -j MASQ
-A pbi -s 10.1.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 23:23 -p 6 -j MASQ
-A pbi -s 10.1.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 25:25 -p 6 -j MASQ
-A pbi -s 10.1.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 110:110 -p 6 -j MASQ
-A pbi -s 10.1.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 443:443 -p 6 -j MASQ
-A pbi -s 10.1.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 5050:5050 -p 6 -j MASQ
-A pbi -s 10.1.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 5100:5100 -p 6 -j MASQ
-A pbi -s 10.1.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 8383:8383 -p 6 -j MASQ
-A pbi -s 10.1.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 3128:3128 -p 6 -j MASQ
-A pbi -s 10.1.0.0/255.255.0.0 -d 0.0.0.0/0.0.0.0 1863:1863 -p 6 -j MASQ
Please let me know what is wrong in my rule, so that ftp-sites can connect smoothly.
Can't remember, don't we require some FTP module loaded? Check /lib/modules/version/ipv4/ and see if there is some FTP-related module, load it and then check.
-Krishna.
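
Added example, not part of the original thread: a Python check that decodes the PORT argument from the quoted session (h1,h2,h3,h4,p1,p2 per RFC 959) and pairs it with the server's reply, showing that the client advertised the internal address 10.1.11.11, port 2278. The function names are hypothetical, and the verdict that the command was refused because no masquerading FTP helper rewrote the address is an assumption consistent with the reply above.

```python
import ipaddress
import re

# Constructed sample: the client log lines quoted in the post above.
SAMPLE_LOG = """\
~ Login completed.
PORT 10,1,11,11,8,230
< 500 Illegal PORT Command
~ Could not retrieve directory listing for "/"
"""

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
PORT_RE = re.compile(r"^\W*PORT\s+([\d,]+)\s*$", re.IGNORECASE)
REPLY_RE = re.compile(r"^\W*(\d{3})[ -]")


def decode_port(arg):
    """Decode the h1,h2,h3,h4,p1,p2 argument of an FTP PORT command (RFC 959)."""
    parts = arg.split(",")
    if len(parts) != 6 or not all(p.isdecimal() and int(p) <= 255 for p in parts):
        raise ValueError(f"malformed PORT argument: {arg!r}")
    host = ipaddress.IPv4Address(".".join(str(int(p)) for p in parts[:4]))
    return host, int(parts[4]) * 256 + int(parts[5])


def diagnose(log_text):
    """Pair each PORT command with the next server reply and explain the outcome."""
    findings, pending = [], None
    for line in log_text.splitlines():
        m = PORT_RE.match(line)
        if m:
            host, port = decode_port(m.group(1))
            pending = {"host": str(host), "port": port,
                       "private": any(host in net for net in RFC1918),
                       "reply": None, "verdict": "no reply seen"}
            findings.append(pending)
            continue
        r = REPLY_RE.match(line)
        if r and pending:
            pending["reply"] = int(r.group(1))
            if r.group(1).startswith("2"):
                pending["verdict"] = "accepted"
            elif pending["private"]:
                # Assumption: the server sees the masqueraded source, not this address.
                pending["verdict"] = "rejected: private address not rewritten by NAT"
            else:
                pending["verdict"] = "rejected"
            pending = None
    return findings
```

Calling `diagnose(SAMPLE_LOG)` returns one finding for the session in the post; the same function can be pointed at a capture taken after loading the FTP module to confirm the advertised address has changed.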