Red Hat Bugzilla – Bug 233987
shorewall blocks passive FTP connections
Last modified: 2007-11-30 17:12:00 EST
Description of problem:
A working configuration of shorewall suddenly started to block passive FTP
connections after a kernel upgrade.
Using the stock ftp client (command line) in FC6 or gFTP, I can connect, but
after the ls command I get "connection refused".
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. On two stock FC6, install the above versions of software.
2. Use the machines as default gateways (NAT) for two private LANs.
3. Using the command line ftp client or gFTP, try doing ftp connections between
the two machines.
The connection is established, but you get a "Connection refused" error when
trying to do a "ls" after connection.
The FTP connection should perform normally.
This was solved by upgrading shorewall to shorewall 3.4.1, available from
This RPM is not currently enclosed in Fedora Extras.
working on an upgrade 3.4.1, the bugs is related to module change names, see bug
#233659 for details
*** This bug has been marked as a duplicate of 233659 ***