[Zope] problems with ws-ftp, firewall and zope web sever.
Bryan Capitano
Bryan@capitanoweb.com
Mon, 19 Aug 2002 13:43:26 -0700
I'm shooting in the dark without knowing more about your firewall config,
but in packet-filtering firewalls (like iptables or ipchains on Linux), you
should make sure you are accepting 'established' outbound and inbound
packets. The reason is that ftp, unlike many other tcp protocols, negotiates
some of the communication ports in a dynamic fashion. Firewalls, of course,
don't like this very much.
Two ways around this situation: allow established connections in your
firewall chain rules. Adjust your ws_ftp session properties, advanced
settings to allow passive ftp.
Bryan
-----Original Message-----
From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of
Marcio Marchini
Sent: Monday, August 19, 2002 12:01 PM
To: Jianping Zhu; zope@zope.org
Subject: RE: [Zope] problems with ws-ftp, firewall and zope web sever.
Have you tried a packet sniffer ? You can see what is going on, and easily
diagnose the problem.
Try this one: http://www.analogx.com/contents/download/network/pmon.htm
marcio
| it gives info as following:
| connecting to 128.192.47.24:34864
| 200 port command successfully.
| LIST
| 150 opening ascii node data connection for the list
| !timer cancelled blocking call
| !accept error: blocking call cancelled
| !Retrieve of folder list failed (O)
|
| I failed to do ftp with ws_ftp.
|
| Any suggestions will be greatly appreciated!!
| Thanks
_______________________________________________
Zope maillist - Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )