Bug 233987 - shorewall blocks passive FTP connections
shorewall blocks passive FTP connections
Status: CLOSED DUPLICATE of bug 233659
Product: Fedora
Classification: Fedora
Component: shorewall (Show other bugs)
All Linux
medium Severity high
: ---
: ---
Assigned To: Robert Marcano
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2007-03-26 11:06 EDT by Răzvan Sandu
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-03-26 11:20:49 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Răzvan Sandu 2007-03-26 11:06:03 EDT
Description of problem:
A working configuration of shorewall suddenly started to block passive FTP
connections after a kernel upgrade.

Using the stock ftp client (command line) in FC6 or gFTP, I can connect, but
after the ls command I get "connection refused".

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. On two stock FC6, install the above versions of software.
2. Use the machines as default gateways (NAT) for two private LANs.
3. Using the command line ftp client or gFTP, try doing ftp connections between
the two machines.
Actual results:
The connection is established, but you get a "Connection refused" error when
trying to do a "ls" after connection.

Expected results:
The FTP connection should perform normally.

Additional info:
Comment 1 Răzvan Sandu 2007-03-26 11:13:00 EDT
This was solved by upgrading shorewall to shorewall 3.4.1, available from

This RPM is not currently enclosed in Fedora Extras.

Comment 2 Robert Marcano 2007-03-26 11:20:49 EDT
working on an upgrade 3.4.1, the bugs is related to module change names, see bug
#233659 for details

*** This bug has been marked as a duplicate of 233659 ***

Note You need to log in before you can comment on or make changes to this bug.