In my DMZ zone, I blocked all ports except FTP, FTP-DATA, HTTP , WHOIS,
DNS, SMTP and HTTPS, since the servers in that zone only use those. I
block everything else. However, when I try fetching something (my DCC
update package) using FTP (through wget), it fails at the 'PASV'. I
tried using the --passive-ftp switch, but it doesn't change anything.
Is there anything I can do? From what I understand wget works in
active mode by default.
I tried with ncftp and I get a similar problem. With passive = off,
the listings fail. With passive = on, the listing times out.
I searched through the archives and have seen a couple of messages with
this problem, but no solution. Anyone has a clue? From what I could
read, active should work without problem, and passive should work if I
know the higher ports used. In my case, active doesn't work and I can't
tell what higher ports are used since it is not my ftp server.