New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FS#1764 - ftp helper from kmod-nf-nathelper doesn't work #6719
Comments
ThomasCr: I could resolv the problem: Before this workaround was not needed and I have only updated OpenWRT and kept the same configuration. My Firewall Rule (192.168.10.5 is rd1.xxx-local-xxx.local): config rule |
jow-: Please make sure that "kmod-ipt-raw" is installed as well, this is needed to bind conntrack helpers to streams using CT rules emitted by fw3. |
ThomasCr: good to know... but should it not be a dependency, when it is needed?
|
ThomasCr: hi, today I could test it on the site which had the problem and it works. Sorry to repeat, but why has this package no dependency or suggestion to kmod-ipt-raw? |
ThomasCr:
Hi, I use OpenWRT 18.06.0 on Archer C7 v2.
After upgrade from latest LEDE to new OpenWRT my ftp connection (inside to outside) isnt working any more.
kmod-nf-nathelper is installed and loaded - router also restarted.
But the connection isnt working any more....
thats my tcpdump from the connection:
.....%A@.7.5.P..._W..230 User user logged in.
15:36:03.477896 IP rd1.xxx-local-xxx.local.53412 > pm-fw.xxx-remote-xxx.de.21: Flags [P.], seq 29:35, ack 89, win 260, length 6: FTP: FEAT
E.....@.......
.........7.5.%A@.P...p2..FEAT
15:36:03.489914 IP pm-fw.xxx-remote-xxx.de.21 > rd1.xxx-local-xxx.local.53412: Flags [P.], seq 89:99, ack 35, win 65501, length 10: FTP: 211-FEAT
E..2D.@.v.........
.....%A@.7.5.P.......211-FEAT
15:36:03.539917 IP rd1.xxx-local-xxx.local.53412 > pm-fw.xxx-remote-xxx.de.21: Flags [.], ack 99, win 260, length 0
E..(..@.......
.........7.5.%A@.P.............
15:36:03.551603 IP pm-fw.xxx-remote-xxx.de.21 > rd1.xxx-local-xxx.local.53412: Flags [P.], seq 99:128, ack 35, win 65501, length 29: FTP: SIZE
E..EE.@.v..<......
.....%A@.7.5.P...%s.. SIZE
MDTM
211 END
15:36:03.555058 IP rd1.xxx-local-xxx.local.53412 > pm-fw.xxx-remote-xxx.de.21: Flags [P.], seq 35:43, ack 128, win 260, length 8: FTP: TYPE I
E..0..@.......
.........7.5.%A@.P...2...TYPE I
15:36:03.566608 IP pm-fw.xxx-remote-xxx.de.21 > rd1.xxx-local-xxx.local.53412: Flags [P.], seq 128:148, ack 43, win 65493, length 20: FTP: 200 Type set to I.
E..<E.@.v..4......
.....%A@.7.5%P...r...200 Type set to I.
15:36:03.567247 IP rd1.xxx-local-xxx.local.53412 > pm-fw.xxx-remote-xxx.de.21: Flags [P.], seq 43:70, ack 148, win 260, length 27: FTP: PORT 192,168,10,5,208,165
E..C..@....{..
.........7.5%%A@.P...9...PORT 192,168,10,5,208,165
15:36:03.579094 IP pm-fw.xxx-remote-xxx.de.21 > rd1.xxx-local-xxx.local.53412: Flags [P.], seq 148:178, ack 70, win 65465, length 30: FTP: 200 PORT command successful.
E..FE!@.v.........
.....%A@.7.5@P...H...200 PORT command successful.
15:36:03.580969 IP rd1.xxx-local-xxx.local.53412 > pm-fw.xxx-remote-xxx.de.21: Flags [P.], seq 70:96, ack 178, win 260, length 26: FTP: SIZE user_mydat.csv
E..B..@....{..
.........7.5@%A@.P.......SIZE user_mydat.csv
15:36:03.592986 IP pm-fw.xxx-remote-xxx.de.21 > rd1.xxx-local-xxx.local.53412: Flags [P.], seq 178:189, ack 96, win 65439, length 11: FTP: 213 15493
E..3E;@.v.........
.....%A@.7.5ZP.......213 15493
15:36:03.593395 IP rd1.xxx-local-xxx.local.53412 > pm-fw.xxx-remote-xxx.de.21: Flags [P.], seq 96:122, ack 189, win 260, length 26: FTP: RETR user_mydat.csv
E..B..@....z..
.........7.5Z%AA.P.......RETR user_mydat.csv
15:36:03.604832 IP pm-fw.xxx-remote-xxx.de.21 > rd1.xxx-local-xxx.local.53412: Flags [P.], seq 189:268, ack 122, win 65413, length 79: FTP: 150 Opening BINARY mode data connection for user_mydat.csv(15493 bytes).
E..wEL@.v.........
.....%AA.7.5tP....=..150 Opening BINARY mode data connection for user_mydat.csv(15493 bytes).
15:36:03.654419 IP rd1.xxx-local-xxx.local.53412 > pm-fw.xxx-remote-xxx.de.21: Flags [.], ack 268, win 259, length 0
E..(..@.......
.........7.5t%AAUP.............
15:36:24.767221 IP pm-fw.xxx-remote-xxx.de.21 > rd1.xxx-local-xxx.local.53412: Flags [P.], seq 268:301, ack 122, win 65413, length 33: FTP: 425 Can't open data connection.
E..I.@.v.........
.....%AAU7.5tP...k/..425 Can't open data connection.
The text was updated successfully, but these errors were encountered: