Bug 51500

Summary: can't find ip_masq_ftp
Product: [Retired] Red Hat Linux Reporter: Luis Cortes <lcortes>
Component: kernelAssignee: Arjan van de Ven <arjanv>
Status: CLOSED NOTABUG QA Contact: Brock Organ <borgan>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.1   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2003-06-06 16:52:53 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Luis Cortes 2001-08-11 02:16:42 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.19-7.0.1 i686)

Description of problem:
I have setup ipchains for my firewall.  It works great except for ftp. 
Looking at the firewall setupscript provided by RH, I see that it needs
kernel module ip_masq_ftp, which is nowhere to be found in
the rpms.  Does anyone know where it is.  Or maybe a solution that works.

How reproducible:
Always

Steps to Reproduce:
1. Setup ipchains firewall
2. Setup an internal network { with masq to do the nat for us }
3. Open up ftp port and data to the internal network { so that your
internal users can use ftp to get files from sites }.
	
	

Actual Results:  I can connect to a site and see header information.  But
when i do a ls, I get a timeout.  Also, in IE.	

Expected Results:  List directory contents of website.

Additional info:

Comment 1 Michael Schwendt 2001-08-11 06:13:56 UTC
There is no ip_masq_ftp module for the ipchains compatibility implementation in
the 2.4.x kernels. Switch to iptables if you want protocol-specific masquerading
again, or enable "passive mode" when using FTP. Alternatively, you may opt to
run the 2.2.19-7.0.1 kernel from Red Hat Linux 7.0 any time. With a few
exceptions that may be important to you, 7.1 is compatible with that one. So,
iptables is the way to go...