Re: [Bastille-linux-discuss] 1.20 ftp

[Harmon S. <hs...@am...>]

Peter W wrote:

> On Fri, May 18, 2001 at 09:56:51AM -0500, Harmon Seaver wrote:
> >     I'm not able to ftp into my server from the internal
> > network. I've got passive set to no
>
> which only affects FTP'ing
>  - from your Bastille'd box to something else
>  - through your Bastille'd box using NAT/masq
>
> > and in /etc/ftphosts I've got the line "allow hseaver
> > 192.168.0.4" and /etc/xinetd.d/wu-ftpd doesn't have the
> > libwrap line or any disable=yes line. Which, frankly,
> > surprises me, since all the others I've looked at do.
>
> Surprises me, too. Does it have any disable= line?

     no disable= line whatsover.

>
>
> >     Any other files I should be looking at?
>
> With no NOLIBWRAP flag, /etc/hosts.(allow|deny) come into
> play. Also /etc/xinetd.conf may have a no_access line,
> in which case you need to add allow_from in the wu-ftpd
> config file.

     Oh duh!, I just went thru this with ipop, double duh! I guess
the fact that wu-ftpd didn't have those two lines the others had
confused me.

>
>
> If you are logging in to the ftpd but can't list or
> xfer files, somewhere (/usr/share/docs/Bastille?) you
> should h-ave a file named readme.ftp that explains the
> problems with running an ftp server on a box with
> ipchains, and what you can do, i.e. setting a range for
> passive ftp ports, and allowing those with ipchains.

     Well, I can log in now, and am not getting a file list, so I
guess I'll have to relook at this. Did read the readme.ftp before but
disregarded it since it seems to be for ipchains, and I'm running
iptables.

>
>
> -Peter
>
> _______________________________________________
> bastille-linux-discuss mailing list
> bas...@li...
> http://lists.sourceforge.net/lists/listinfo/bastille-linux-discuss

--
Harmon Seaver, MLIS
CyberShamanix
Work 920-203-9633   hs...@cy...
Home 920-233-5820 hs...@am...