From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from out2.smtp.messagingengine.com ([66.111.4.26]) by speech.braille.uwo.ca with esmtp (Exim 3.36 #1 (Debian)) id 1I4d3s-0002cX-00 for ; Sat, 30 Jun 2007 09:32:28 -0400 Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id 13D193673 for ; Sat, 30 Jun 2007 09:32:26 -0400 (EDT) Received: from heartbeat2.messagingengine.com ([10.202.2.161]) by compute1.internal (MEProxy); Sat, 30 Jun 2007 09:32:27 -0400 X-Sasl-enc: VocS2eNeTq4D8IdjVDFt82FQkXfINYrq3KWEj+YzGpM/ 1183210345 Received: from cq.ftml.net (24-105-197-112.cm.mhcable.com [24.105.197.112]) by www.fastmail.fm (Postfix) with ESMTP id DDCEF12EFB for ; Sat, 30 Jun 2007 09:32:25 -0400 (EDT) Received: from chuckh by cq.ftml.net with local (Exim 4.67) (envelope-from ) id 1I4d3p-0000Yh-Mj for speakup@braille.uwo.ca; Sat, 30 Jun 2007 09:32:25 -0400 Date: Sat, 30 Jun 2007 09:32:25 -0400 From: Chuck Hallenbeck To: "Speakup is a screen review system for Linux." Subject: ftp configuration clarification Message-ID: <20070630133225.GA1654@cq.ftml.net> Mail-Followup-To: "Speakup is a screen review system for Linux." MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.16 (2007-06-11) X-BeenThere: speakup@braille.uwo.ca X-Mailman-Version: 2.1.9 Precedence: list Reply-To: "Speakup is a screen review system for Linux." List-Id: "Speakup is a screen review system for Linux." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Jun 2007 13:32:28 -0000 Hi people, I hope someone can help clarify something for me. I have two Linux systems, each behind a firewall that permits anything to go out, but accepts connections from only specified ports. I have ports 20 and 21 open on both machines. One machine runs an ftp server, vsftpd, and the other uses the standard ftp client. Everything works great: logging in, uploading, downloading, the works. Except I want to implement passive mode on the server. My concern is about my firewalls. Should I open other ports to support passive mode? Should they be server side ports or client side ports? None of the documentation I have discusses firewall issues, except to say passive mode is useful when the client is behind a firewall. But what about when the server is also behind a similar firewall? Anybody have vsftpd working with passive mode? How in heck did you do it? Thanks, Chuck -- The Moon is Full My home page with some downloads is at http://www.mhcable.com/~chuckh The early bird may get the worm, but the second mouse gets the cheese.