Hi, I had a problem with FTP (proftp): it took a long time to log in and almost never logged in correctly. After searching I found I should open port 20 in my firewall (iptables), and now it's working, and working so fast. But I am feeling this is not correct and good. I already opened port 21. I installed FC5 (perfect install + ispconfig). Any recommendation? And what is better, FTP active mode or passive? Many thanks
Opening port 20 is fine if you want to use active FTP. Please have a look here for a detailed explanation: http://slacksite.com/other/ftp.html I'm not sure if one can say active or passive FTP is better. On some internet connections I get better results with passive FTP, on others active FTP is more reliable and faster.
thanks Hi Till, thanks for the good information. I solved the problem by adding: modprobe ip_conntrack_ftp, modprobe ip_nat_ftp to my iptables, and it works great right now (local/outside), passive and active. One more question: what about open DNS? How do I close it? Note I am running the DNS on the same server, dns1 and dns2
The open DNS doesn't have to be closed; it's not really open, it just allows recursion by DNS clients. But that's your personal decision. Have a look here for the bind directive: http://www.howtoforge.com/forums/showthread.php?t=9453&highlight=open+dns
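
On the FTP part of this thread: the ip_conntrack_ftp module mentioned above reads the control channel on port 21 for PORT commands and 227 replies, so the data connection they announce can be accepted as related traffic in both active and passive mode. The Python sketch below is an added example, not code from the thread or from the kernel; it is a simplified model of that parsing, and the function names, addresses, sample lines and the strict address check are assumptions made for illustration.

```python
import re

# h1,h2,h3,h4,p1,p2 as defined by RFC 959: four address octets, two port octets.
_TUPLE = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

def parse_endpoint(text):
    """Return (ip, port) from an h1,h2,h3,h4,p1,p2 tuple, or None if malformed."""
    m = _TUPLE.search(text)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def expected_data_connection(line, client_ip, server_ip):
    """Map one control-channel line to the data connection it announces.

    Returns None when the line announces nothing, or when the announced
    address is not the peer already on the control channel (this sketch's
    conservative rule, so a third-party address is never opened).
    """
    line = line.strip()
    if line.upper().startswith("PORT "):   # active: server will connect to the client
        ep = parse_endpoint(line[5:])
        if ep is None or ep[0] != client_ip:
            return None
        return {"mode": "active", "initiator": server_ip, "dst": ep[0], "dport": ep[1]}
    if line.startswith("227 "):            # passive: client will connect to the server
        ep = parse_endpoint(line[4:])
        if ep is None or ep[0] != server_ip:
            return None
        return {"mode": "passive", "initiator": client_ip, "dst": ep[0], "dport": ep[1]}
    return None

# Constructed sample lines using documentation address ranges (not from the thread).
CLIENT, SERVER = "198.51.100.7", "203.0.113.10"
SAMPLE = [
    "USER demo",
    "PORT 198,51,100,7,195,80",
    "227 Entering Passive Mode (203,0,113,10,234,96)",
    "PORT 192,0,2,99,0,22",  # address is not the client's: no expectation
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(f"{entry!r:52} -> {expected_data_connection(entry, CLIENT, SERVER)}")
```

With an expectation like this in place, the firewall only has to allow port 21 plus established and related traffic, rather than a fixed data port or a wide port range.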