FTP connectivity problem
If you get the following error when listing an FTP directory, follow the solution below.
———-
ftp> ls
227 Entering Passive Mode (108,61,169,245,167,161).
ftp: connect: No route to host
———-
Solution
Edit /etc/sysconfig/iptables-config and add this line:
IPTABLES_MODULES="ip_conntrack_ftp"
Save it and restart iptables.
That’s because passive mode uses non-standard ports to communicate, so you need to keep track of the FTP connections; iptables will then allow them when necessary.
However, you will need to do this every time you reboot your Red Hat server. As a more permanent solution, you can load this module persistently after each reboot by creating an executable shell script in the /etc/sysconfig/modules/ directory. Create the file /etc/sysconfig/modules/iptables.modules with the following content:
#!/bin/sh
exec /sbin/modprobe ip_conntrack_ftp >/dev/null 2>&1
Once you save this file you also need to make it executable:
# chmod +x /etc/sysconfig/modules/iptables.modules
Another solution is to specify the passive ports that will be used in the FTP server configuration, then open those specific ports on the firewall.
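Added example (not part of the original post): the 227 reply shown above encodes the address and port the client connects to next, which is why the listing fails when the firewall does not allow that port. The script below decodes such a reply and checks the port against a passive range; the function names and the 42000-43000 range are assumptions for illustration.

```shell
#!/bin/sh
# Added example: decode an FTP 227 (PASV) reply and check the data port
# against a passive port range. Function names are illustrative.

# Print "ip port" for a 227 reply. The reply carries h1,h2,h3,h4,p1,p2;
# the client opens its data connection to h1.h2.h3.h4, port p1*256 + p2.
pasv_endpoint() {
    tuple=$(printf '%s\n' "$1" | sed -n 's/^227 .*(\([0-9,]*\)).*$/\1/p')
    [ -n "$tuple" ] || return 1
    old_ifs=$IFS; IFS=,
    set -- $tuple            # split the tuple on commas
    IFS=$old_ifs
    [ "$#" -eq 6 ] || return 1
    for n in "$@"; do
        case $n in
            ''|*[!0-9]*|0?*|????*) return 1 ;;   # digits only, no leading zero
        esac
        [ "$n" -le 255 ] || return 1
    done
    echo "$1.$2.$3.$4 $(( $5 * 256 + $6 ))"
}

# Return 0 if the announced data port lies inside min..max ($2..$3),
# the range that the firewall would have to accept.
pasv_port_allowed() {
    endpoint=$(pasv_endpoint "$1") || return 2
    port=${endpoint#* }
    [ "$port" -ge "$2" ] && [ "$port" -le "$3" ]
}

# The reply from the session above; the 42000-43000 range is an assumed example.
reply='227 Entering Passive Mode (108,61,169,245,167,161).'
pasv_endpoint "$reply"
if pasv_port_allowed "$reply" 42000 43000; then
    echo "data port is inside the opened passive range"
else
    echo "data port is outside the opened passive range"
fi
```

If the decoded port falls outside the range opened on the firewall and no FTP connection tracking module is loaded, the data connection is rejected and the client reports the error shown at the top.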