Re: Redirecting ftp

To: Magnus Göransson <magnus@goransson.org>
Cc: "debian-firewall@lists.debian.org" <debian-firewall@lists.debian.org>
Subject: Re: Redirecting ftp
From: Lars <debs@utysket.dk>
Date: Thu, 08 Dec 2005 23:01:12 +0100
Message-id: <[🔎] 4398AD28.8030006@utysket.dk>
In-reply-to: <4397F1A3.4080507@goransson.org>
References: <[🔎] 34d0e0548302e623a112a50d28e606eb@213.83.233.254> <4397F1A3.4080507@goransson.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Magnus Göransson wrote:
> Hello!
> 
> Active or Passive FTP??
> http://slacksite.com/other/ftp.html

Running passive, great link...

> If you can log in and not can list the directory it can be that passive
> port's not allowed. Can you target the range for passive port in your
> ftp server?
> 
> iptables -m state --state REALTED --sport < ... > --dport < ... >

I'm still having some connection problem. Not from the 172.16.0.0/27 net , only outside on the WAN.
I'm running Pure-Ftpd and port 45000 47000 is defined as passive. But i can't get the syntax right in my iptables..

iptables -m state --state RELATED --sport 45000:47000 --dport 45000:47000 -J ACCEPT

Shall I forward ome ports in my router to the firewall? Or what is defined as sport..?

- --
/Lars
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDmKz/SdVv6NOAbD4RAqQnAJ9LyjFkpBM6D+/CaiPNlkwHbmBE4QCfYItS
48z5Yy+NbBNArKazDwXde1M=
=9zzM
-----END PGP SIGNATURE-----

Reply to:

References:
- Redirecting ftp
  - From: Debs <debs@utysket.dk>

Prev by Date: from eikega@online.no
Next by Date: Re: Kernel 2.6 racoon <--> Sonicwall VPN
Previous by thread: Re: Redirecting ftp
Next by thread: Re: Redirecting ftp
Index(es):
- Date
- Thread