FTP..
Christopher Wagner
chrisw at pacaids.com
Wed Apr 3 11:16:21 PST 2002
Cool. Thanks Frank! :)
- Christopher Wagner
chrisw at pacaids.com
Packaging Aids Corporation - Information Systems
P.O. Box 9144
San Rafael, CA 94912-9144
http://www.pacaids.com/
(415) 454-4868 x116
-----Original Message-----
From: E Frank Ball [mailto:frankb at efball.com]
Sent: Wednesday, April 03, 2002 11:05 AM
To: talk at nblug.org
Subject: Re: FTP..
On Wed, Apr 03, 2002 at 10:41:48AM -0800, Christopher Wagner wrote:
} Hi Mark.. Thanks for responding..
}
} When I do a set passive on, it still gives me connection refused..
}
} ipchains appears to still be working even with my 2.4.9 kernel. I'm not
} keeping up very well with the latest firewalling stuff, iptables is kind
of
} intimidating to me, I'm not sure what exactly I'm supposed to do with it,
it
} is installed on my box, though.
}
} I stopped ipchains, ftp then worked as it should. I'm puzzled, this is my
} /etc/sysconfig/ipchains:
} :input ACCEPT
} :forward ACCEPT
} :output ACCEPT
} -A input -s 0/0 -d 0/0 22 -p tcp -y -j ACCEPT
} -A input -s 0/0 -d 0/0 25 -p tcp -y -j ACCEPT
} -A input -s 0/0 -d 0/0 80 -p tcp -y -j ACCEPT
} -A input -s 10.0.0.67 -d 0/0 21 -p tcp -y -j ACCEPT
} -A input -s 63.113.184.230 -d 0/0 20 -p tcp -y -j ACCEPT
} -A input -s 63.113.184.230 -d 0/0 21 -p tcp -y -j ACCEPT
Is ssh, smtp, or http working? What are all the -y arguments for? -y
means only accept syn packets. Try it without -y
} -A input -s 0/0 -d 0/0 -p tcp -y -j REJECT
Keep this -y
see:
http://nblug.org/firewall/firewall
It's a ipchains firewall script I wrote that makes a good starting
point. It's the basis for what I'm still using. I see a lot of
problems with what your doing.
http://nblug.org/firewall/
--
E Frank Ball frankb at efball.com
More information about the talk
mailing list