Description of problem: A working configuration of shorewall suddenly started to block passive FTP connections after a kernel upgrade. Using the stock ftp client (command line) in FC6 or gFTP, I can connect, but after the ls command I get "connection refused". Version-Release number of selected component (if applicable): kernel-2.6.20-1.2933.fc6 vsftpd-2.0.5-8 shorewall-3.2.8-1.fc6 iptables-1.3.5-1.2.1 gFTP 2.0.1.8 How reproducible: Steps to Reproduce: 1. On two stock FC6, install the above versions of software. 2. Use the machines as default gateways (NAT) for two private LANs. 3. Using the command line ftp client or gFTP, try doing ftp connections between the two machines. Actual results: The connection is established, but you get a "Connection refused" error when trying to do a "ls" after connection. Expected results: The FTP connection should perform normally. Additional info:
This was solved by upgrading shorewall to shorewall 3.4.1, available from http://www.invoca.ch/pub/packages/shorewall/3.4/shorewall-3.4.1/shorewall-3.4.1-3.noarch.rpm This RPM is not currently enclosed in Fedora Extras.
working on an upgrade 3.4.1, the bugs is related to module change names, see bug #233659 for details *** This bug has been marked as a duplicate of 233659 ***