Re: vsftpd and firewall - problems
---------- Forwarded Message ----------
Subject: Re: vsftpd and firewall - problems
Date: Tuesday 28 June 2005 12.07
From: Mariusz <kajko04@o2.pl>
To: "Andre Venter" <andrev@ohwell.co.za>
On Tuesday 28 June 2005 10.42, Andre Venter wrote:
> Set the port range on the ftp server and allow connections through the
> firewall
I tryed do like this, but looks like doesn't work that as I want.
vsftpd.conf:
pasv_enable=yes
pasv_promiscuous=no
port_enable=yes
pasv_min_port=9000
pasv_max_port=10000
firewall:
allowed tcp -- anywhere anywhere tcp
dpts:9000:10000
but this is in INPUT chain
command to set it:
iptables -A tcp_packets -p TCP -s 0/0 --dport 9000:10000 -j allowed
INPUT:
tcp_packets tcp -- anywhere anywhere
OUTPUT:
Chain OUTPUT (policy DROP)
target prot opt source destination
bad_tcp_packets tcp -- anywhere anywhere
ACCEPT all -- localhost.localdomain anywhere
ACCEPT all -- gruzy anywhere
HOw I can be sure which port is used to ftp-data?
After I connect it set a ftp-data port - where I can find it?
--
Have a good day
---------------
Mariusz Antonik
-------------------------------------------------------
--
Have a good day
---------------
Mariusz Antonik
Reply to: