On Sat, 23 Apr 2005 11:16:17 -0700, michael wrote in message <[EMAIL PROTECTED]>:
> Hello,
>
> I wanted to allow my clients behind my firewall to use ftp.
> I've added the rules to my iptables script.
>
> -A FORWARD -p tcp -m tcp --dport 21 -j ACCEPT
> -A FORWARD -p tcp -m tcp --dport 20 -j ACCEPT
> -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

..looks ok to me.

> Just wanted to get your opinion if this is the correct
> way to do it? The 3rd rule above (--state....) is the one rule
> I'm mostly unsure about.

..it checks whether any response from the ftp servers out there, is
related to "which-one" of your established outgoing ftp traffic or ftp
requests.

> Is this the proper way to allow ftp access?
> What rules do you guys use for ftp?

--
..med vennlig hilsen = with Kind Regards from Arnt... ;o)
...with a number of polar bear hunters in his ancestry...
  Scenarios always come in sets of three:
  best case, worst case, and just in case.
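Added example, not part of the original thread: a simplified Python model of how the three quoted rules treat a passive-mode FTP session. It shows that the data connection is accepted only as RELATED, which requires an FTP connection-tracking helper to have parsed the server's 227 reply. The addresses, ports, DROP chain policy and all class and function names are constructed assumptions.

```python
import re

# The three FORWARD rules from the quoted script, in order.
RULES = [("dport", 21), ("dport", 20), ("state", {"RELATED", "ESTABLISHED"})]
POLICY = "DROP"  # assumption: the post does not show the chain policy

PASV = re.compile(r"^227 .*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")

def parse_pasv(line):
    """Return (ip, port) from a 227 reply, or None if the line is not one."""
    m = PASV.match(line)
    if not m:
        return None
    n = [int(x) for x in m.groups()]
    if any(x > 255 for x in n):
        return None
    return ".".join(map(str, n[:4])), n[4] * 256 + n[5]

class Firewall:
    def __init__(self, ftp_helper):
        self.ftp_helper = ftp_helper  # models whether the FTP conntrack helper is loaded
        self.flows = set()            # accepted flows: (src, sport, dst, dport)
        self.expected = set()         # (dst, dport) announced on a control channel

    def state(self, src, sport, dst, dport):
        if (src, sport, dst, dport) in self.flows or (dst, dport, src, sport) in self.flows:
            return "ESTABLISHED"
        return "RELATED" if (dst, dport) in self.expected else "NEW"

    def forward(self, src, sport, dst, dport, payload=""):
        st = self.state(src, sport, dst, dport)
        for kind, value in RULES:
            if (kind == "dport" and dport == value) or (kind == "state" and st in value):
                if st != "ESTABLISHED":
                    self.flows.add((src, sport, dst, dport))
                # The helper inspects server replies on the control channel only.
                if self.ftp_helper and sport == 21 and st == "ESTABLISHED":
                    exp = parse_pasv(payload)
                    if exp:
                        self.expected.add(exp)
                return "ACCEPT", st
        return POLICY, st

def passive_session(ftp_helper):
    """Verdicts for: control SYN, 227 reply, passive data SYN (constructed packets)."""
    fw, c, s = Firewall(ftp_helper), "192.168.1.10", "203.0.113.5"
    return [fw.forward(c, 40000, s, 21),
            fw.forward(s, 21, c, 40000, "227 Entering Passive Mode (203,0,113,5,195,80)"),
            fw.forward(c, 40001, s, 50000)]
```

In this model the `--dport 20` rule never matches: the passive data connection goes to the port announced in the 227 reply, so without the helper it falls through to the chain policy.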

