Bug 51500 - can't find ip_masq_ftp
Summary: can't find ip_masq_ftp
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: kernel   
(Show other bugs)
Version: 7.1
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Arjan van de Ven
QA Contact: Brock Organ
Depends On:
TreeView+ depends on / blocked
Reported: 2001-08-11 02:16 UTC by Luis Cortes
Modified: 2007-04-18 16:35 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2003-06-06 16:52:53 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Luis Cortes 2001-08-11 02:16:42 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.19-7.0.1 i686)

Description of problem:
I have setup ipchains for my firewall.  It works great except for ftp. 
Looking at the firewall setupscript provided by RH, I see that it needs
kernel module ip_masq_ftp, which is nowhere to be found in
the rpms.  Does anyone know where it is.  Or maybe a solution that works.

How reproducible:

Steps to Reproduce:
1. Setup ipchains firewall
2. Setup an internal network { with masq to do the nat for us }
3. Open up ftp port and data to the internal network { so that your
internal users can use ftp to get files from sites }.

Actual Results:  I can connect to a site and see header information.  But
when i do a ls, I get a timeout.  Also, in IE.	

Expected Results:  List directory contents of website.

Additional info:

Comment 1 Michael Schwendt 2001-08-11 06:13:56 UTC
There is no ip_masq_ftp module for the ipchains compatibility implementation in
the 2.4.x kernels. Switch to iptables if you want protocol-specific masquerading
again, or enable "passive mode" when using FTP. Alternatively, you may opt to
run the 2.2.19-7.0.1 kernel from Red Hat Linux 7.0 any time. With a few
exceptions that may be important to you, 7.1 is compatible with that one. So,
iptables is the way to go...

Note You need to log in before you can comment on or make changes to this bug.