Re: Sobre iptables com o ftp

To: debian-user-portuguese@lists.debian.org
Subject: Re: Sobre iptables com o ftp
From: Paulo Ricardo <pauloric@contato.com.br>
Date: Wed, 17 Dec 2003 11:34:06 -0200
Message-id: <[🔎] 1071668045.1402.24.camel@pauloric.intranet>
In-reply-to: <[🔎] 000801c3c49b$2cafce80$0101a8c0@fastware.com.br>
References: <[🔎] 000801c3c49b$2cafce80$0101a8c0@fastware.com.br>

Em Qua, 2003-12-17 às 10:42, Conrado escreveu:
> Eu tenho aqui na firma um computador em linux que faz o roteamento da
> internet, mas infelizmente na minha máquina que tem esse servidor como
> gateway eu não consiguo me conectar em ftp, eu gostaria de uma
> resolução para esse problema ou que me explicassem o porque disso.
>  
> Eu tenho esse script para configurar o iptables:
> #!/bin/bash
> IPTABLES="/sbin/iptables"
> INTRANET="192.168.0.0/16"
>  
> # Habilitando forward
> echo -ne "Habilitando ip_forward: "
> echo 1 > /proc/sys/net/ipv4/ip_forward
> echo "OK"
>  
> # Limpa todo o filter
> echo -ne "Limpando tabela filter: "
> $IPTABLES -F > /dev/null
> echo "OK"
>  
> # Limpa tabela nat
> echo -ne "Limpando tabela nat: "
> $IPTABLES -t nat -F > /dev/null
> echo "OK"
>  
> # Muda o policy para drop
> #echo -ne "Mudando o policy para drop: "
> #$IPTABLES -P FORWARD DROP > /dev/null
> #echo "OK"
>  
> # Permite o forward para a rede local
> echo -ne "Forward para a rede local: "
> $IPTABLES -I FORWARD -s 192.168.0.0/16 -j ACCEPT > /dev/null
> $IPTABLES -I FORWARD -d 192.168.0.0/16 -j ACCEPT > /dev/null
> echo "OK"
>  
> # Faz o masquerade
> echo -ne "Masquerade: "
> $IPTABLES -t nat -A POSTROUTING -s 0/0 -d 0/0 -j MASQUERADE >
> /dev/null
> echo "OK"



heheheh vc não tem um firewall e sim um compartilhamento com a Internet
onde o mundo lá fora ( diga-se internet) enxerga toda a sua rede
interna.......

bem este é outro problema.

o que falta é 


iptables -A FORWARD -m state ESTABLISHED,RELATED
e subir os módulos de ip_nat_ftp


[]s
>  
> Obrigado
> Conrado
-- 
Paulo Ricardo Bruck - consultor
Contato Global Solutions
tel 011 5686-7977 011 5521-8049  cel 011 9235-4327
R Bourbom, 56 04663-160  São Paulo SP

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.1 (GNU/Linux)

mQGiBD7RFWcRBACHF98nLZGNU5wlLG+FMmpKFkagAW/dujJP/sETIMzgHSp25wWa
H/37UItJ4m44Cose2jOHNiDjK8JqQ614HIS4SbXDJggxs07hrrCA1UxlSDtwhEvK
jL7iFkUmt3oxCD+Z6bFfb+iWkqhKjSkMGZT6WMcOx5j4W7QwFAi7U655pwCgzbSA
yw5jWt276+hqZMOw7GuoSrED/R9oGrvjJVRTBxj3/UXiKhqce/C5BXjLB2377Y/D
n79XFhZGXp3D8rI7YgfmOB/JnvG5jJ/1LQE4Sac8RgL0Lr9B+v1TI8h4/TI5s0zH
8MiX1gWBVrexDGyqHUC0cO3xBpvZtVBoYQey7djC7/wPLW8wQRsQOf1Gciy7H9pb
pbesA/wO0otaoSXtlGaKYLvqeM+mRM3Zgo63/HGQB9m1LXhp9LTx3fcmOOtQs5jL
rCRhd/U6y/+Lwfnkpdf8e/LkcGuFC1oUq8ZBj7sgFnEuGHgbUnltNUYqhtl/3MJG
4ODcDOZ7ZUzhyksc1R7BEEdfe44FYqG0Wo6dmWseYkHwi9BXobRIUGF1bG8gUmlj
YXJkbyBCcnVjayAoQ29udGF0byBHbG9iYWwgU29sdXRpb25zKSA8cGF1bG9yaWNA
Y29udGF0by5jb20uYnI+iFkEExECABkFAj7RFWcECwcDAgMVAgMDFgIBAh4BAheA
AAoJEE3++teFxLIijykAoIlN1fJ6j70CGhe8VA2VH78AwMCkAJ9UfPA+4kToRcx5
uAkbqntF2Hwf6bkBDQQ+0RVuEAQAuGu7ES6wg5PIo+fpogRKrAs1pf41/tacsNos
I/OP2o2CaNRclu0vprdydK0oMHQrvTf9ocUlECRRQkE2Gw3EAjj9fzvUH7X6zqeV
0Pwk1RskPbMyBmZ0cClMRSh0PWesXlv4PKcYz67NJbL926Dj/Mcd9/RyhUkM80Sw
bJy/QZsAAwUEALf5pInf3Uh8Ujxy0gKG75CJupLesi+z4FBuJ9qYV6XMXCnVHGCA
jEpQcPaTRNhlMNq8lr+nNEWC8nGVDKORwWLrPmVVhttjBu3oxMGiQKQaBtg0L7ec
0VGR8KzyKPyPM2c+qYPgVWhgQZOvhf+iLpeQffp3K99TPFb8kwcM5WaTiEYEGBEC
AAYFAj7RFW4ACgkQTf7614XEsiLm0gCgk5JPQvHWbM8NI48J8oz2rNG/CH4AoMHE
dizQXFZtxXJhCuXn09aI6Z1J
=qt+T
-----END PGP PUBLIC KEY BLOCK-----

Reply to:

Follow-Ups:
- Re: Sobre iptables com o ftp
  - From: "Conrado" <conrado.debian@terra.com.br>

References:
- Sobre iptables com o ftp
  - From: "Conrado" <conrado.debian@terra.com.br>

Prev by Date: hp 3420
Next by Date: Re: Sobre iptables com o ftp
Previous by thread: Sobre iptables com o ftp
Next by thread: Re: Sobre iptables com o ftp
Index(es):
- Date
- Thread