Red Hat Bugzilla – Bug 8463
firewall breaks wu-ftp due to ident
Last modified: 2008-05-01 11:37:53 EDT
Ident seems to be compiled into wu-ftpd. We're running a server outside of
our firewall, and couldn't get into it from inside the firewall. Turns out
the firewall is eating the ident packets and not sending a "icmp
unreachable" response back to the server. This causes the server to hang
there and never (seemingly) deliver a login prompt.
Adding -I0 to the in.ftpd command line in /etc/inetd.conf fixes this.
I don't know if our firewall configuration is "normal" or not, but we
probably can't get to any 6.1 redhat ftp servers out there on the net
either. Others may or may not have the same problem.
(FYI: We've had ident problems with sendmail before too...)
P.S. It's annoying not to be able to search the mailing lists any longer.
I take it back. This problem is happening on a RedHat 6.0 system, not 6.1.
A final policy decision is up to the system administrator - the RH default works
for most people, and the mechanism for selecting policy does work.