Robert L. Harris on 05/12/08 20:35, wrote:
Can I suggest something like this
# one catch all for all related and established connection # as defined
by connection tracking iptables -I INPUT RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -m state --state NEW -j ACCEPT
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tommy Bongaerts wrote:
On Fri, Dec 05, 2008 at 03:30:19PM -0700, Robert L. Harris wrote:
I've read both of those and understand how the ftp works. I've
spent the last 2 days googling. Unfortunately it's all working
now except how to get the
It hangs after ls? Sounds like your data traffic gets jammed
somehow.
I know I'm jumping in halfway thru the conversation so this might have
already been mentioned. But you may want to check if the firewall is
blocking ICMP packets preventing PMTU being figured out correctly. The
scenerio
On Fri, Dec 05, 2008 at 03:30:19PM -0700, Robert L. Harris wrote:
[snip]
here is another link
http://www.cyberciti.biz/faq/iptables-open-ftp-port-21/ (again
google).
My strength is in itables not ftp (which is the reason for
googling :) )
Also anything to do with iptables and
On Fri, Dec 05, 2008 at 03:30:19PM -0700, Robert L. Harris wrote:
I've read both of those and understand how the ftp works. I've
spent the last 2 days googling.
Unfortunately it's all working now except how to get the iptables data
connection in passive
mode working. I can log in, etc
On Fri, Dec 5, 2008 at 12:35 PM, Robert L. Harris [EMAIL PROTECTED]
wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Help... I have the following in my firewall startup script:
...
I am trying to forward public internet ftp traffic to a machine behind
my firewall. Anyone have
On Fri, Dec 5, 2008 at 12:52 PM, S Scharf [EMAIL PROTECTED] wrote:
On Fri, Dec 5, 2008 at 12:35 PM, Robert L. Harris
[EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Help... I have the following in my firewall startup script:
...
I am trying to forward
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
yes it is and I am successfully routing port 80/http to a different
server behind the firewall just fine.
S Scharf wrote:
On Fri, Dec 5, 2008 at 12:52 PM, S Scharf [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] wrote:
On Fri, Dec 5, 2008 at
On Fri, Dec 05, 2008 at 10:35:47AM -0700, Robert L. Harris wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Help... I have the following in my firewall startup script:
/sbin/modprobe nf_conntrack_ftp
$IPTABLES -A INPUT -p tcp --dport 21 -m state --state
NEW,ESTABLISHED -j
On Fri, 2008-12-05 at 18:35 +0100, Robert L. Harris wrote:
From:
Robert L. Harris
[EMAIL PROTECTED]
To:
debian-user@lists.debian.org
debian-user@lists.debian.org
Subject:
iptables, ftp and dnat?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alex Samad wrote:
On Fri, Dec 05, 2008 at 10:35:47AM -0700, Robert L. Harris wrote:
Help... I have the following in my firewall startup script:
/sbin/modprobe nf_conntrack_ftp $IPTABLES -A INPUT -p tcp --dport
21 -m state --state
On Fri, Dec 05, 2008 at 01:35:25PM -0700, Robert L. Harris wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alex Samad wrote:
On Fri, Dec 05, 2008 at 10:35:47AM -0700, Robert L. Harris wrote:
Help... I have the following in my firewall startup script:
/sbin/modprobe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
Commenting it out, everything looks good until after I log in and try
to do an ls when it returns:
ftp ls
227 Entering Passive Mode (10,1,1,32,205,208).
Then nothing.
I've
Hi
You should try and keep this on list
Alex
On Fri, Dec 05, 2008 at 02:17:42PM -0700, Robert L. Harris wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[snip]
I've updated my rules to this:
# # allow ftpd
HARVARD=10.1.1.32
/sbin/modprobe nf_conntrack_ftp
# General
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alex Samad wrote:
Hi
You should try and keep this on list
Sorry, hit reply instead of reply all.
Alex
On Fri, Dec 05, 2008 at 02:17:42PM -0700, Robert L. Harris wrote:
[snip]
I've updated my rules to this: # # allow ftpd
15 matches
Mail list logo