Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-25 Thread Nels Lindquist
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 2018/05/23 8:24 AM, Nicolas Kovacs wrote:
> I'm currently setting up a local FTP server, to receive disk images
> sent with G4L (Ghost4Linux).
>
> This server has been running Slackware Linux before, and the
> Vsftpd setup was relatively simple.

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-25 Thread Nicolas Kovacs
On 23/05/2018 at 17:01, Pete Biggs wrote:
> FTP uses two ports - in active mode the server uses 21 for command and
> 20 for data after the initial connection. In passive mode it uses 21
> for command and a high random port number for data. What is happening
> is that you are blocking the high

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread m . roth
Nicolas Kovacs wrote:
> On 23/05/2018 at 16:58, m.r...@5-cent.us wrote:
>> A suggestion: once you've got the firewall issue dealt with, set selinux
>> into permissive mode; *then* you can figure out what it's complaining
>> about, while at the same time, your system will be available. Once
>>

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Nicolas Kovacs
On 23/05/2018 at 16:58, m.r...@5-cent.us wrote:
> A suggestion: once you've got the firewall issue dealt with, set selinux
> into permissive mode; *then* you can figure out what it's complaining
> about, while at the same time, your system will be available. Once you've
> fixed those issues,

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Nicolas Kovacs
On 23/05/2018 at 17:01, Pete Biggs wrote:
> You could use active transfer and open port 20, or you could use
> passive, which is more "secure", and allow connections to high port
> numbers.
>
> Search for active vs passive ftp for more info.

That helped, thanks. I added the following to

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread m . roth
Nicolas Kovacs wrote:
> Hi,
>
> I'm currently setting up a local FTP server, to receive disk images sent
> with G4L (Ghost4Linux).
>
> This server has been running Slackware Linux before, and the Vsftpd
> setup was relatively simple.
>
> With CentOS things seem to be slightly different, so I'm

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread m . roth
Nicolas Kovacs wrote:
> On 23/05/2018 at 16:36, Nux! wrote:
>> Try "iptables -I INPUT" for your FTP rule.
>
> Doesn't work. I redirected all my errors to /var/log/messages, so here's
> what I get when I try to connect Filezilla to that server.
>
> May 23 16:48:58 c7-server kernel: +++ IPv4

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Stephen John Smoogen
On 23 May 2018 at 11:05, Stephen John Smoogen wrote:
> On 23 May 2018 at 10:24, Nicolas Kovacs wrote:
>> Hi,
>>
>> I'm currently setting up a local FTP server, to receive disk images sent
>> with G4L (Ghost4Linux).
>>
>> This server has been running

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Stephen John Smoogen
On 23 May 2018 at 10:24, Nicolas Kovacs wrote:
> Hi,
>
> I'm currently setting up a local FTP server, to receive disk images sent
> with G4L (Ghost4Linux).
>
> This server has been running Slackware Linux before, and the Vsftpd
> setup was relatively simple.
>
> With CentOS

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Pete Biggs
> Doesn't work. I redirected all my errors to /var/log/messages, so here's
> what I get when I try to connect Filezilla to that server.
>
> May 23 16:48:58 c7-server kernel: +++ IPv4 packet rejected +++ IN=enp0s3
> OUT= MAC=08:00:27:00:00:03:d4:85:64:b2:b2:1b:08:00 SRC=192.168.2.2
>

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Nicolas Kovacs
On 23/05/2018 at 16:36, Nux! wrote:
> Try "iptables -I INPUT" for your FTP rule.

Doesn't work. I redirected all my errors to /var/log/messages, so here's what I get when I try to connect Filezilla to that server.

May 23 16:48:58 c7-server kernel: +++ IPv4 packet rejected +++ IN=enp0s3 OUT=

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Nux!
Hi,

Try "iptables -I INPUT" for your FTP rule.

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -
> From: "Nicolas Kovacs"
> To: "CentOS mailing list"
> Sent: Wednesday, 23 May, 2018 15:24:45
> Subject: