Hello,
Thanks.
Port 990 is the default (filezilla).
By the way, using firewall-config.
In the public zone, service ssh is checked but not ftp. Am I supposed to check ftp?
The port for ftp is 21 (I guess default).
There is no service ftps, do I need to create it?
I can easily create port 990, but I do not know how to create a service ftps
associated with a port!
Sorry for my poor background in this stuff.
On 07.09.2013 01:09, Patrick Dupre wrote:
>> ----- Original Message -----
>> From: Reindl Harald
>> Sent: 09/07/13 12:48 AM
>> To: Community support for Fedora users
>> Subject: Re: tls
>>
>> On 07.09.2013 00:43, Patrick Dupre wrote:
>>> I installed pure-ftpd on my machine to use the TLS protocol.
>>> I followed the instructions given in:
>>>
>>> http://www.howtoforge.com/how-to-configure-pureftpd-to-accept-tls-session...
>>>
>>> but I still cannot ftp by using ftps (filezilla)
>>
>> be explicit - you can not connect or you can not list folders and transfer data
> Status: Connecting to 193.49.194.196:990...
> Status: Connection attempt failed with "EHOSTUNREACH - No route to host".
> Error: Could not connect to server
why port 990?
even if the port would be correct you need
a) verify on which ports your daemon is listening (man netstat)
b) make sure that ports are open
AFAIK it is using STARTTLS
http://en.wikipedia.org/wiki/STARTTLS
>>
>> http://slacksite.com/other/ftp.html contains basics about FTP
>>
>>> Do I need to configure the firewall to open the port?
>>
>> you need to open the passive port-range in the firewall by hand
>> "nf_conntrack_ftp" as any other DPI can not work with encrypted streams
> This, I do not know what to do:
> I do not see any nf_conntrack_ftp in public service or in selinux
man iptables
if you do not specify "PassivePortRange" the passive port can be anything
between 1024 and 65535 and if you do use active FTP mode then you need
to setup the firewall on the client properly - at the end of the day it
does not matter who is choosing the random port for the data connection
and the other side has to open this port
to understand what you are doing i posted
>>
>> http://slacksite.com/other/ftp.html contains basics about FTP
only few people (including a lot of professional admins) do understand FTP really
===========================================================================
Patrick DUPRÉ | | email: pdupre(a)gmx.com
Laboratoire de Physico-Chimie de l'Atmosphère | |
Université du Littoral-Côte d'Opale | |
Tel. (33)-(0)3 28 23 76 12 | | Fax: 03 28 65 82 44
189A, avenue Maurice Schumann | | 59140 Dunkerque, France
===========================================================================
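
The passive-port advice in the thread above, as an added example that is not part of the original messages: a small shell function that reads "PassivePortRange" from a pure-ftpd configuration and prints the firewalld commands to open the control port and that range by hand. The sample configuration, the range 30000-30100, the function names and the assumption that the daemon listens on the standard FTP port 21 with explicit TLS are constructed for illustration.

```shell
#!/bin/sh
# Added example: derive firewalld rules from pure-ftpd's PassivePortRange.
# The commands are printed, not executed, so they can be reviewed first.

# Constructed sample of the relevant pure-ftpd.conf lines (not from the thread).
sample_conf() {
cat <<'EOF'
# PassivePortRange          30000 50000
TLS                         1
PassivePortRange            30000 30100
EOF
}

# Read a pure-ftpd.conf on stdin; print firewall-cmd lines for zone $1.
ftps_firewall_rules() {
    zone=${1:-public}
    # Commented-out lines have "#" as first field and are skipped.
    range=$(awk '$1 == "PassivePortRange" { print $2 "-" $3; exit }')
    if [ -z "$range" ]; then
        echo "PassivePortRange not set: data port can be anything in 1024-65535" >&2
        return 1
    fi
    low=${range%-*}
    high=${range#*-}
    for n in "$low" "$high"; do
        case $n in
            ''|*[!0-9]*) echo "invalid PassivePortRange: $range" >&2; return 1 ;;
        esac
    done
    if [ "$low" -lt 1024 ] || [ "$high" -gt 65535 ] || [ "$low" -gt "$high" ]; then
        echo "invalid PassivePortRange: $range" >&2
        return 1
    fi
    # Control connection: explicit TLS is negotiated on the normal FTP port
    # (assumed here to be 21), so no separate port 990 rule is generated.
    echo "firewall-cmd --permanent --zone=$zone --add-port=21/tcp"
    # Data connections: nf_conntrack_ftp cannot read the encrypted PASV reply,
    # so the whole configured range has to be opened explicitly.
    echo "firewall-cmd --permanent --zone=$zone --add-port=$range/tcp"
    echo "firewall-cmd --reload"
}

sample_conf | ftps_firewall_rules public
```

Before applying the printed rules, the listening ports can be checked as suggested in the thread (man netstat).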