McAfee Firewall Blocking FTP
From: S. Miller (n7apeNOSPAM_at_amsat.org)
Date: 12/14/03
Date: Sun, 14 Dec 2003 11:19:00 -0800
I have a problem that I can't figure out how to solve...
I have WinXP and McAfee Internet Security 5.0 with their firewall software.
If the firewall is turned off, I can open up a command window and ftp to a
remote system on the Internet and do data transfers.
If the firewall is turned on and filtering packets, I can connect to a
system with ftp and log in, but as soon as I try a DIR ftp command it hangs.
The McAfee firewall log shows that a TCP packet from the remote system port
20 was blocked. OK, I'm connected to an active ftp server so I am expecting
a packet from the remote's port 20. The default firewall rule for ftp
doesn't mention anything about packets from remote port 20, but I'll get to
that in a second. Interesting thing is:
I have the firewall configured to grant FTP *full* access! In other words,
it *should* let FTP communicate in any way it wants.
Now back to the default FTP rule. I edited it for FTP to include the rule
"Accept incoming traffic if the remote port is 20" and changed the firewall
policy for ftp to be "filter" (instead of *full access*). The firewall
still blocks it. This doesn't surprise me since it also blocks it when I
tell it to give FTP full access, but I still tried it. (I list the full set
of rules at the end of this message.)
Oh, and if I tell the firewall to "allow all traffic", ftp works -- in other
words, same effect as if the firewall is turned off. So it's definitely
McAfee's firewall that's blocking this packet.
I can't find anywhere in McAfee's firewall menus that indicates something
else that is instructing it to block this type of packet. Thus, I can't
figure out how to get ftp to work while McAfee's firewall is running and
filtering.
Any ideas?
---
Here are the rules set for FTP in McAfee Firewall:
1. Allow this program to communicate, if the remote port is 20 (this is the rule I added).
2. Allow this program to communicate, if the data direction is incoming, and if the protocol is TCP/IP, and if the remote port is 46088, 54325 or 56514 (McAfee default rule).
3. Allow this program to communicate, if the data direction is outbound, and if the protocol is TCP/IP, and if the remote port is 21 (McAfee default rule).
4. Allow this program to communicate, if the data direction is outbound, and if the protocol is TCP/IP, and if the remote port is 53 or 1133 (McAfee default rule).
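
The post describes active-mode FTP, where the server opens the data connection from its port 20 back to a local port the client announced with a PORT command on the control channel. The following is an added example, not part of the original post and not McAfee's implementation, of how a stateful filter can admit only that one inbound connection; the class name, addresses and ports are constructed for illustration, and no NAT between client and server is assumed.

```python
import re

# RFC 959: "PORT h1,h2,h3,h4,p1,p2" announces the client's data endpoint.
PORT_RE = re.compile(r"^PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\s*$")


def parse_port(line):
    """Return (ip, port) announced by a PORT command, or None if malformed."""
    m = PORT_RE.match(line)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


class FtpTracker:
    """Hypothetical helper: follows one control channel and admits only the
    data connection that the client itself asked for."""

    def __init__(self, client_ip, server_ip):
        self.client_ip, self.server_ip = client_ip, server_ip
        self.expected = set()  # local ports waiting for a data connection

    def control_line(self, line):
        """Feed each outbound control-channel line (client to server port 21)."""
        ep = parse_port(line)
        # Ignore announcements that name an address other than the client's own.
        if ep and ep[0] == self.client_ip:
            self.expected.add(ep[1])

    def inbound_syn(self, src_ip, src_port, dst_port):
        """Decide whether an inbound TCP connection attempt is the expected one."""
        ok = (src_ip == self.server_ip and src_port == 20
              and dst_port in self.expected)
        if ok:
            self.expected.discard(dst_port)  # each announcement is one-shot
        return ok


if __name__ == "__main__":
    # Constructed sample: documentation-range addresses, made-up port.
    fw = FtpTracker("192.0.2.10", "198.51.100.5")
    fw.control_line("PORT 192,0,2,10,19,137")       # announces port 5001
    print(fw.inbound_syn("198.51.100.5", 20, 5001))  # expected data connection
    print(fw.inbound_syn("198.51.100.5", 20, 5001))  # replay of the same port
```

A filter that matches only on "remote port is 20" without this state would have to accept any inbound connection claiming that source port, which is why the tracked local port matters.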