we are running a published FTP server.
All worked pretty well until some days ago, one of our customers can't download any file. Download gets abortet every time he tries.
So I searched the FW-Log and found this:
2012:04:24-12:09:27 ***XX-1 ulogd[5793]: id="2000" severity="info" sys="SecureNet" sub="packetfilter" name="Packet logged" action="log" mark="0xa2" app="162" srcip="" dstip="" proto="6" length="89" tos="0x00" prec="0x00" ttl="127" srcport="21" dstport="54237" tcpflags="ACK PSH" info="nf_conntrack_ftp: invalid IP address, resetting connection "
2012:04:24-12:09:27 ***XX-1 ulogd[5793]: id="2000" severity="info" sys="SecureNet" sub="packetfilter" name="Packet logged" action="log" outitf="eth1" mark="0xa2" app="162" srcmac="0:1a:8c:f0:5:1" srcip="" dstip="" proto="6" length="89" tos="0x00" prec="0x00" ttl="127" srcport="21" dstport="54237" tcpflags="ACK PSH" info="nf_ct_ftp: dropping packet"
Any idea what might be the problem?
What does nf_ct_ftp: dropping packet and nf_conntrack_ftp: invalid IP address, resetting connection mean?
Port 20,21,Passive are properly forwarded.
FTP is located in DMZ. Connection, Download and Upload works from internal network.
thanks,
jauer
This thread was automatically locked due to age.
