Hi,
we are running a published FTP server.
All worked pretty well until some days ago, one of our customers can't download any file. Download gets abortet every time he tries.
So I searched the FW-Log and found this:
Any idea what might be the problem?
What does nf_ct_ftp: dropping packet and nf_conntrack_ftp: invalid IP address, resetting connection mean?
Port 20,21,Passive are properly forwarded.
FTP is located in DMZ. Connection, Download and Upload works from internal network.
thanks,
jauer
we are running a published FTP server.
All worked pretty well until some days ago, one of our customers can't download any file. Download gets abortet every time he tries.
So I searched the FW-Log and found this:
Quote:
|
2012:04:24-12:09:27 ***XX-1 ulogd[5793]: id="2000" severity="info" sys="SecureNet" sub="packetfilter" name="Packet logged" action="log" mark="0xa2" app="162" srcip="<FTPs public IP>" dstip="<Customers IP>" proto="6" length="89" tos="0x00" prec="0x00" ttl="127" srcport="21" dstport="54237" tcpflags="ACK PSH" info="nf_conntrack_ftp: invalid IP address, resetting connection " 2012:04:24-12:09:27 ***XX-1 ulogd[5793]: id="2000" severity="info" sys="SecureNet" sub="packetfilter" name="Packet logged" action="log" outitf="eth1" mark="0xa2" app="162" srcmac="0:1a:8c:f0:5:1" srcip="<FTPs public IP>" dstip="<Customers IP>" proto="6" length="89" tos="0x00" prec="0x00" ttl="127" srcport="21" dstport="54237" tcpflags="ACK PSH" info="nf_ct_ftp: dropping packet" |
What does nf_ct_ftp: dropping packet and nf_conntrack_ftp: invalid IP address, resetting connection mean?
Port 20,21,Passive are properly forwarded.
FTP is located in DMZ. Connection, Download and Upload works from internal network.
thanks,
jauer