IPTables for FTP
Christopher K. Johnson
ckjohnson at gwi.net
Tue Nov 2 20:52:19 UTC 2004
Richard Worwood wrote:
>I'm trying to setup and ftp server which is protected with iptables and
>am having a few probs with PASV mode and was wondering if anyone have a
>sample iptables file I could have a look at.
>
>Thanks in advance
>
>Richard
>
>
>
Aside from allowing tcp port 21 input, you need to accept packets of
state established, related in iptables. You will also need to edit
/etc/sysconfig/iptables-config, uncommenting and editing the following
line for an ftp server:
IPTABLES_MODULES="ip_conntrack_ftp"
If it is a firewall providing nat that you are allowing access to the
ftp server through, then that line needs to be:
IPTABLES_MODULES="ip_conntrack_ftp ip_nat_ftp"
One or the other is probably your issue depending on your configuration.
Chris
--
-----------------------------------------------------------
"Spend less! Do more! Go Open Source..." -- Dirigo.net
Chris Johnson, RHCE #807000448202021
More information about the fedora-list
mailing list