RE : Iptables FTP

To: <debian-user-french@lists.debian.org>
Subject: RE : Iptables FTP
From: "Thunder" <thunder@club-internet.fr>
Date: Wed, 19 Jun 2002 13:08:33 +0200
Message-id: <[🔎] EAF1EA9E3EC1B14DA459B583993F19399538BA@info-exchange.progress2000.com>
In-reply-to: <[🔎] 3CFB286C009BE5B0@mel-rta9.wanadoo.fr> (added by postmaster@wanadoo.fr)

Une exemple si tu force ton passif sur le range 10000-10010, et que tu
garde les deux modes possibles

#-- FTP
$IPTABLES --append INPUT --protocol tcp --source-port $PUBLIC_PORT
--destination $IP --destination-port 21 --jump ACCEPT
$IPTABLES --append OUTPUT --protocol tcp -source $IP --source-port 21
--destination 0/0 --destination-port $PUBLIC_PORT  --jump ACCEPT
#
#-- FTP-DATA
$IPTABLES --append INPUT --protocol tcp $INT_EXT -m state --state
RELATED --source-port $PUBLIC_PORT --destination $IP --destination-port
20 --jump ACCEPT
$IPTABLES --append OUTPUT --protocol tcp --source $IP --source-port 20
--destination 0/0 --destination-port $PUBLIC_PORT  --jump ACCEPT
#
#-- FTP-PASV
$IPTABLES --append INPUT --protocol tcp -m state --state RELATED
--source-port $PUBLIC_PORT --destination $IP --destination-port
10000:10010 --jump ACCEPT
$IPTABLES --append OUTPUT --protocol tcp --source $IP --source-port
10000:10010 --destination 0/0 --destination-port $PUBLIC_PORT  --jump
ACCEPT


Si je me trompe pas


-- 
To UNSUBSCRIBE, email to debian-user-french-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: Iptables FTP
  - From: regis <luminix@wanadoo.fr>

Prev by Date: Re: Iptables FTP
Next by Date: Re: Iptables FTP
Previous by thread: Re: Iptables FTP
Next by thread: Re: Iptables FTP
Index(es):
- Date
- Thread