[7.470][BUG][NOTABUG] ips-ftp connection timeout

Hi Friends !

i am have a server (ftp,webserver) it was working fine but when i add addinal ips rules i am getting error/unable to connect to ftp server but webserver is working fine

i am using sles 10 pure-ftp server

2009:08:07-21:34:19 ace75 frox[8917]: Connect from 10.242.1.2
2009:08:07-21:34:19 ace75 frox[8917]: ... to 121.x7.x.x()
2009:08:07-21:37:28 ace75 frox[8917]: Connection timed out when trying to connect to 121.x.xx.xx
2009:08:07-21:37:28 ace75 frox[8917]: Connection closed -- unable to contact server
2009:08:07-21:37:28 ace75 frox[8917]: Closing session

i have to use pptp normal connection doesnt work but with pptp it was working i use ftp and ask friend to upload some files to ftp server and it was fine

edit/update :but when i connect server directly to internet ftp works fine
edit/update2:i trying with another ftp server vsftp with same result

Thanks

Parents

0 andyk007 over 15 years ago

but the problem is this line:

srcip="121.x.x.x." dstip="121.x.x.x.x"

In my oppinion you have some snat entries that change the source or the destination. As result the astaro pick up the connection with same source and destination and the ips rule will match. If you disable this rule could you please be so kind and do a tcpdump by trying to connect. Maybe you will see at the astaro that source ip = destination ip.

greetings
andreas
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 andyk007 over 15 years ago

but the problem is this line:

srcip="121.x.x.x." dstip="121.x.x.x.x"

In my oppinion you have some snat entries that change the source or the destination. As result the astaro pick up the connection with same source and destination and the ips rule will match. If you disable this rule could you please be so kind and do a tcpdump by trying to connect. Maybe you will see at the astaro that source ip = destination ip.

greetings
andreas
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data