NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] VS: [FW-1] ftp problems - command ended without a new line

  • To: [email protected]
  • Subject: [FW-1] VS: [FW-1] ftp problems - command ended without a new line
  • From: "Berg-Olsen, Børge" <[email protected]>
  • Date: Mon, 24 Feb 2003 12:09:29 +0100
  • Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
  • Sender: Mailing list for discussion of Firewall-1 <[email protected]>
  • Thread-index: AcLb77FvC2GTZimXQPGpnuW9sZD6dgABXyvw
  • Thread-topic: [FW-1] ftp problems - command ended without a new line
-----Opprinnelig melding-----
Fra: Gareth Bromley [mailto:[email protected]]
Sendt: 24. februar 2003 11:30
Til: Berg-Olsen, Børge
Emne: Re: [FW-1] ftp problems - command ended without a new line


As subject:

Can you forward to group as I dont have access from this mail account :)
On Mon, 24 Feb 2003, [iso-8859-1] "Berg-Olsen, Børge" wrote:
> I get a "message_info: Port command ended without a new line" log entry when
> trying to connect to a particular external FTP site from machines behind
> FW-1 NG FP3.
> Have anyone seen this issue before, and have a solution for it?
> I am wondering if it is a malformed ftp script, or if it is a
> "feature" of NG FP3...
Not a feature of CP NG FP3, but more a feature of your FTP server/TCP
wrappers.

Having recently debugged an exact same issue for a client, where they:
- Used TCP wrappers to limit FTP access in addition to the Firewall
rulebase.
- For a catch all they had TCP wrappers setup to:
  in.ftpd: 0.0.0.0/0.0.0.0 : twist = /bin/echo 421 for ftp use
ftp.company.com

And it was this that was generating non-newline terminated responses to
connections not explicitly permitted elsewhere in /etc/hosts.allow.

It would appear that FP3 is maybe more inline with RFC959 which indicates
the need for "Telnet end-of-line code" i.e. CR and LF or NVT-ASCII (Never
come across that before myself).

Hope this helps

Gareth

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.