[Zope] iptables locks out zope ftp

Roel Van den Bergh roel@planetinterior.com
Wed, 23 Oct 2002 09:32:20 +0200 

Thanks for the quick respond :-)

Tried this first without succes
# Load Modules
/sbin/modprobe ip_tables
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_nat_ftp ports=21,8021
/sbin/modprobe ip_conntrack_ftp ports=21,8021
/sbin/modprobe ip_conntrack_irc

Then tried the following:

[root@server sbin]# rmmod ip_nat_ftp
[root@server sbin]# insmod ip_nat_ftp ports=21,8021

worked fine

but I do not seem to be able to do the same with ip_conntrack_ftp

[root@server sbin]# rmmod ip_conntrack_ftp
ip_conntrack_ftp: Device or resource busy

used Webmin to track down dependencies without succes

tried to use depmod but it doesn't help me

[root@server sbin]# depmod -n ip_conntrack_ftp
# module             id=string
# pci module         vendor     device     subvendor  subdevice  class
class_mask driver_data
# isapnp module      cardvendor carddevice driver_data vendor     function
...
# usb module         match_flags idVendor idProduct bcdDevice_lo
bcdDevice_hi bDeviceClass bDeviceSubClass bDeviceProtocol bInterfaceClass
bInterfaceSubClass bInterfaceProtocol driver_info
# module             pattern
# ieee1394 module    match_flags vendor_id model_id specifier_id version
# module             id

Any hints?
TIA, Roel.

> -----Oorspronkelijk bericht-----
> Van: keo [mailto:keo@goa.hu]
> Verzonden: dinsdag 22 oktober 2002 17:33
> Aan: Roel Van den Bergh
> CC: zope@zope.org
> Onderwerp: Re: [Zope] iptables locks out zope ftp
>
>
>
> try :
>
> insmod ip_nat_ftp ports=21,8021
> insmod ip_conntrack_ftp ports=21,8021
>
> this will track ports and will allocate and free them automatically.
>
> this works fine for me. altough i dont have all this iptables config
> mess...
>
>
> k
> -- don't believe everything you think
>
> On Tue, 22 Oct 2002, Roel Van den Bergh wrote:
>
> > been on to this for a while but haven't found the solution yet
> >
> > Searching the net I found similar cases but with no answer :-(
> >
> > using iptables we can ftp to the server and access zope ftp through port
> > 8021
> > but when the ftp program tries to open another port the ftp session is
> > timed-out/blocked.
> >
> > When we disable the firewall we can ftp right into zope
> > And yes we use passive mode
> >
> > Running zope 2.5.1 build from source, pyhon 2.1.3 build from source rpm,
> > redhat 7.3 on  dell powerapp 120
> >
> > What's wrong?
> > TIA, Roel.