John Mullan wrote:
Your first rule actually insists that the CLIENT port be 1021 -- rather odd requirement.

Yes, they are intentional. I want to keep the FTP server on port 1021. If anyone comes in from outside without specifying port 1021, they will still get to my FTP server. That leaves me the future opportunity to have another FTP server on 21 but only accessible from internal. At least, that is the way I figure it.

Also be sure that your sshd is listening on 0.0.0.0 and/or on the external IP address of your firewall.

I will attempt the Telnet idea later. Work doesn't open very many ports. I don't even get port 80 access from this workstation :(

-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://www.shorewall.net
Washington USA \ [EMAIL PROTECTED]
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
