Re: FTP through ipmasq

To: "List, debian-user" <debian-user@lists.debian.org>
Subject: Re: FTP through ipmasq
From: Simon Law <sfllaw@engmail.uwaterloo.ca>
Date: Tue, 27 Aug 2002 04:46:37 -0400
Message-id: <[🔎] 20020827084636.GW7824@engmail.uwaterloo.ca>
Mail-followup-to: "List, debian-user" <debian-user@lists.debian.org>
In-reply-to: <[🔎] 20020827054137.GJ27138@ursine.dyndns.org>
References: <[🔎] 20020827041946.GC27138@ursine.dyndns.org> <[🔎] 20020827045732.GS7824@engmail.uwaterloo.ca> <[🔎] 20020827051256.GF27138@ursine.dyndns.org> <[🔎] 20020827051912.GV7824@engmail.uwaterloo.ca> <[🔎] 20020827054137.GJ27138@ursine.dyndns.org>

On Mon, Aug 26, 2002 at 10:41:37PM -0700, Paul Johnson wrote:
> On Tue, Aug 27, 2002 at 01:19:12AM -0400, Simon Law wrote:
> > > OK...I haven't gotten into stateful firewalling much yet...could I get
> > > an example?
> > 
> > iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> > iptables -A INPUT -m state --state INVALID -j DROP
> 
> Awesome, that fixes inbound FTP, but continues to cause outbound to
> bitch and require passive FTP.

	Outbound FTP?  I'm not quite understanding what you're saying.
I suppose you'll also want to add this to your OUTPUT table, if you deny
things by default.  If you're doing NAT, you might also need it in the
FORWARD table.

Simon

Reply to:

Follow-Ups:
- Re: FTP through ipmasq
  - From: Paul Johnson <baloo@ursine.dyndns.org>

References:
- FTP through ipmasq
  - From: Paul Johnson <baloo@ursine.dyndns.org>
- Re: FTP through ipmasq
  - From: Simon Law <sfllaw@engmail.uwaterloo.ca>
- Re: FTP through ipmasq
  - From: Paul Johnson <baloo@ursine.dyndns.org>
- Re: FTP through ipmasq
  - From: Simon Law <sfllaw@engmail.uwaterloo.ca>
- Re: FTP through ipmasq
  - From: Paul Johnson <baloo@ursine.dyndns.org>

Prev by Date: Re: graphical login
Next by Date: Re: Simple editor for LaTeX editing
Previous by thread: Re: FTP through ipmasq
Next by thread: Re: FTP through ipmasq
Index(es):
- Date
- Thread