tls
Rejy M Cyriac
rcyriac at redhat.com
Sat Sep 7 07:05:01 UTC 2013
On 09/07/2013 12:28 PM, Reindl Harald wrote:
>
>
> Am 07.09.2013 08:38, schrieb Rejy M Cyriac:
>> If you are using iptables for firewall, you could use the 'ip_nat_ftp'
>> and 'ip_conntrack_ftp' module if you are behind nat, or
>> 'ip_conntrack_ftp' module alone otherwise, for having the firewall ports
>> dynamically opened on demand. You specify the module to be loaded in
>> '/etc/sysconfig/iptables-config'
>
> did you read the subject?
> did you try it?
>
Have tried ftp in general, not ftps specifically.
> as i have alreday said: 'ip_conntrack_ftp' does *not* work with encrypted connections
>
Sorry, missed that.
This is new information to me. Adding to my ever-growing 'To Do' list to
check.
- rejy (rmc)
> why?
> because it hardly can read the answer which port was negotiated for ftp-data
> you may try it, been there done that
>
More information about the users
mailing list