|
Hi all,
After working with Joseph and Julian a couple of weeks ago, I got passive
ftp working with NAT and ip_masq_ftp. Turned out that the PASV string the
FTPD was sending wasn't exactly the same string the ip_masq_ftp module for
kernel 2.2.16 was expecting. After modifying the FTPD it fixed the
problems. The fix also fixed a problem when ftping to the ftp server from
behind a work firewall where the symptoms showed the opposite problem, I
could passive FTP but not active FTP.
I have now upgraded to Kernel 2.2.19 from 2.2.16. Along with the upgrade I
upgraded to the 1.08 IPVS patch and 1.15 of ipvsadm from 0.9.15 of the IPVS
patch for kernel 2.2.16.
Everything seems to work okay with this new setup, ftp works in both active
and passive mode when connecting to the server, except when trying to ftp to
the server from behind my work's firewall. When in active mode I just
timeout when doing an 'ls' and I get a 'Connection Refused' when ftping in
passive mode.
Again, everything works fine when ftping from the same client behind the
firewall to LVS servers that are still running my 2.2.16 and 0.9.15 version
of the patch.
I know that the ip_masq_ftp module was overhauled for kernel 2.2.19. I AM
including starting the module with in_ports=21 for the new module.
Does this sound like an LVS problem with the new version, or a problem with
the ip_masq_ftp module for kernel 2.2.19?
I've also verified I get the same problems with both the FTPD I am using
with the old kernel, and WUFTPD.
|
