Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 233987 - shorewall blocks passive FTP connections
Summary: shorewall blocks passive FTP connections
Keywords:
Status: CLOSED DUPLICATE of bug 233659
Alias: None
Product: Fedora
Classification: Fedora
Component: shorewall
Version: 6
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
Assignee: Robert Marcano
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-03-26 15:06 UTC by Răzvan Sandu
Modified: 2007-11-30 22:12 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-03-26 15:20:49 UTC


Attachments (Terms of Use)

Description Răzvan Sandu 2007-03-26 15:06:03 UTC
Description of problem:
A working configuration of shorewall suddenly started to block passive FTP
connections after a kernel upgrade.

Using the stock ftp client (command line) in FC6 or gFTP, I can connect, but
after the ls command I get "connection refused".


Version-Release number of selected component (if applicable):
kernel-2.6.20-1.2933.fc6
vsftpd-2.0.5-8
shorewall-3.2.8-1.fc6
iptables-1.3.5-1.2.1
gFTP 2.0.1.8

How reproducible:


Steps to Reproduce:
1. On two stock FC6, install the above versions of software.
2. Use the machines as default gateways (NAT) for two private LANs.
3. Using the command line ftp client or gFTP, try doing ftp connections between
the two machines.
  
Actual results:
The connection is established, but you get a "Connection refused" error when
trying to do a "ls" after connection.

Expected results:
The FTP connection should perform normally.

Additional info:

Comment 1 Răzvan Sandu 2007-03-26 15:13:00 UTC
This was solved by upgrading shorewall to shorewall 3.4.1, available from
http://www.invoca.ch/pub/packages/shorewall/3.4/shorewall-3.4.1/shorewall-3.4.1-3.noarch.rpm

This RPM is not currently enclosed in Fedora Extras.




Comment 2 Robert Marcano 2007-03-26 15:20:49 UTC
working on an upgrade 3.4.1, the bugs is related to module change names, see bug
#233659 for details

*** This bug has been marked as a duplicate of 233659 ***


Note You need to log in before you can comment on or make changes to this bug.