

fedora core 3 linux ftp not working due to firewall

Posted on 2005-04-12
Medium Priority
Last Modified: 2010-04-22
I have two Linux servers.  One needs to ftp into another.  The firewall on both are set to all ftp.  Taking the firewall off the server and everything works.  Put the firewall on, and it works in active mode, but won't end a command such as put, it just stands there.  How do I get it to allow ftp to the server when the firewall on the server is up?
Question by:Rebelnorth

Accepted Solution

marxy earned 2000 total points
ID: 13763639
You need to modify the firewall's config file, /etc/sysconfig/iptables-config
Add (or modify) these lines:
IPTABLES_MODULES="ip_nat_ftp ip_conntrack_ftp ipt_conntrack"

/etc/init.d/iptables restart

Enjoy :-)

Expert Comment

ID: 13821911
...but I do not have a /etc/sysconfig directory....what now? ;-))

Adding the connection tracking helper module for FTP is one thing; the other thing is to reflect connection tracking / stateful inspection in your filter rules.
For example, to allow box A to ftp into box B, try this one:

on B:
modprobe ipt_conntrack
modprobe ip_conntrack_ftp
iptables -A INPUT -s A -p tcp --dport 20 -j ACCEPT
iptables -A INPUT -s A -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -s A -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -d A -m state --state ESTABLISHED,RELATED -j ACCEPT

cheers & HTH,
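
Added example, not part of the original thread or any poster's code: a simplified Python model of why the data connection hangs until the FTP helper is loaded. The helper reads the data endpoint announced on the control channel (PORT command or 227 reply) and the state match then classifies that connection as RELATED. The names `ToyConntrack` and `verdict`, the sample addresses, and the default DROP policy are assumptions made for illustration.

```python
import re

# Constructed control-channel lines (RFC 959 syntax, documentation addresses).
PORT_CMD = "PORT 192,0,2,10,195,80"                          # sent by A in active mode
PASV_REPLY = "227 Entering Passive Mode (192,0,2,20,78,52)"  # sent by B in passive mode

HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def parse_endpoint(line):
    """Return the (ip, port) announced by a PORT command or 227 reply, else None."""
    if not line.upper().startswith(("PORT ", "227 ")):
        return None
    m = HOSTPORT.search(line)
    if m is None:
        return None
    n = [int(g) for g in m.groups()]
    if max(n) > 255:
        return None  # malformed octet: register no expectation
    return "%d.%d.%d.%d" % tuple(n[:4]), n[4] * 256 + n[5]

class ToyConntrack:
    """Simplified model of the state table, not the kernel implementation."""
    def __init__(self, ftp_helper):
        self.ftp_helper = ftp_helper
        self.expected = set()  # data endpoints announced on the control channel

    def see_control_line(self, line):
        endpoint = parse_endpoint(line) if self.ftp_helper else None
        if endpoint:
            self.expected.add(endpoint)

    def state_of_new_connection(self, dst_ip, dst_port):
        if (dst_ip, dst_port) in self.expected:
            self.expected.remove((dst_ip, dst_port))  # an expectation is used once
            return "RELATED"
        return "NEW"

def verdict(ftp_helper, control_line, dst_ip, dst_port):
    """Apply the rules from the comment above, assuming a default DROP policy."""
    ct = ToyConntrack(ftp_helper)
    ct.see_control_line(control_line)
    state = ct.state_of_new_connection(dst_ip, dst_port)
    if state == "RELATED" or dst_port in (20, 21):
        return "ACCEPT"
    return "DROP"

if __name__ == "__main__":
    for helper in (False, True):
        print("helper loaded:", helper, "->", verdict(helper, PASV_REPLY, "192.0.2.20", 20020))
```

Without the helper the passive-mode data connection to port 20020 is an unrelated NEW connection and is dropped, which matches the control session working while the transfer stalls.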



Expert Comment

ID: 13821931
> ...but I do not have a /etc/sysconfig directory....what now? ;-))
> SCNR....

Oops, too early in the morning...
I hadn't realized that the OP clearly mentioned "Fedora Core 3" in the title....:(

