no scp or ftp

To: debian-firewall@lists.debian.org
Subject: no scp or ftp
From: "Mark Strasheim" <Strasheim@web.de>
Date: Fri, 28 Jan 2005 18:13:19 +0100
Message-id: <1521437506@web.de>

Aloha

i have a singel interface and do the following iptables commands
everthings works as i should ( there are some more services with UDP )

iptables -N allowed
iptables -A allowed -j ACCEPT
iptables -A INPUT -p TCP --dport 22 -j allowed
iptables -A INPUT -p TCP --dport 21 -j allowed
iptables -A INPUT -p UDP --dport 68 -j allowed
iptables -A INPUT -m state --state RELATED -j allowed
iptables -A INPUT -m state --state ESTABLISHED -j allowed
iptables -A INPUT -j DROP

i can also login per ssh and connect to ftp, but scp and ftp auth don't work.
I anderstand that they talk about a new port and that the firewall don't see 
the exchange of that data and therefor can get set the state engine to related or established.
For ftp i loaded the con tracking module ... ( i know it for nat but i hopped :) ) but i didn't work.

My question is how can, with only a few lines, get this to work.

with regards
Mark Strasheim

__________________________________________________________
Mit WEB.DE FreePhone mit hoechster Qualitaet ab 0 Ct./Min.
weltweit telefonieren! http://freephone.web.de/?mc=021201

Reply to:

Follow-Ups:
- Re: no scp or ftp
  - From: Mike Mestnik <cheako911@yahoo.com>
- Re: no scp or ftp
  - From: Phil Dyer <phil.dyer@cox.net>
- Re: no scp or ftp
  - From: Ian Greenhoe <ihgreenman@yahoo.com>

Prev by Date: Re: VPN + multilink connection
Next by Date: Re: VPN + multilink connection
Previous by thread: Re: AW: drop policy- udp ports open?
Next by thread: Re: no scp or ftp
Index(es):
- Date
- Thread