Hi list members,
Until now I have been using ipchains for the firewall on a Red Hat 7.3 Linux machine.
I am now trying out iptables, which is already included in the Red Hat
packages. This Linux machine has a dial-up connection to the internet. I ran my tests
from a Win98 client, using the script from "Iptables Tutorial 1.1.19",
namely the example script rc.DHCP.firewall, which has been modified for dial-up.
The Win98 client can already browse the internet, use IRC, MSN, etc., except for
FTP: it can log in but cannot display
the directory listing. I use CuteFTP to connect to the internet,
the PASSIVE option is already checked, and the following messages appear:
STATUS:> Connect: Thursday 12:28:38 09-30-2004
STATUS:> Connecting to domain.com
STATUS:> Connecting to domain.com (ip = 203.x.x.x)
STATUS:> Socket connected. Waiting for welcome message...
220 (vsFTPd 1.1.3)
STATUS:> Connected. Authenticating...
COMMAND:> USER username
331 Please specify the password.
COMMAND:> PASS ********
230 Login successful. Have fun.
STATUS:> Login successful
STATUS:> This site can resume broken downloads
COMMAND:> PWD
257 "/"
STATUS:> Retrieving directory listing...
COMMAND:> PASV
227 Entering Passive Mode (203,130,252,37,109,220)
COMMAND:> LIST
STATUS:> Connecting data socket...
ERROR:> Failed to establish data socket
ERROR:> Interrupted
STATUS:> Trashed response received
425 Failed to establish connection.
STATUS:> Retrieving directory listing...
COMMAND:> PASV
227 Entering Passive Mode (203,130,252,37,149,253)
COMMAND:> LIST
STATUS:> Connecting data socket...
ERROR:> Failed to establish data socket
425 Failed to establish connection.
ERROR:> File error
The firewall script file already contains:
# 2. Module loading.
/sbin/depmod -a
/sbin/modprobe ip_conntrack
/sbin/modprobe ip_tables
/sbin/modprobe iptable_filter
/sbin/modprobe iptable_mangle
/sbin/modprobe iptable_nat
/sbin/modprobe ipt_LOG
/sbin/modprobe ipt_limit
/sbin/modprobe ipt_MASQUERADE
# 2.2 Non-Required modules
/sbin/modprobe ipt_owner
/sbin/modprobe ipt_REJECT
/sbin/modprobe ip_conntrack_ftp
/sbin/modprobe ip_conntrack_irc
/sbin/modprobe ip_nat_ftp
/sbin/modprobe ip_nat_irc
# 3.1 Required proc configuration
echo "1" > /proc/sys/net/ipv4/ip_forward
# 3.2 Non-Required proc configuration
echo "1" > /proc/sys/net/ipv4/conf/all/rp_filter
echo "1" > /proc/sys/net/ipv4/conf/all/proxy_arp
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
Then, in the firewall log, there is this message:
server kernel: divert: no divert_blk to free, ppp0 not ethernet
Has anyone experienced the above?
--
Thanks in advance and afterwards.
Regards,
~~ Arief Yudhawarman ~~
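
Added example, not part of the original post: in passive mode the client opens its data connection to the address and port encoded in the 227 reply (port = p1*256 + p2), which is the connection ip_conntrack_ftp has to recognise as RELATED. This sketch decodes those replies from the CuteFTP session quoted above and lists the endpoints whose data connection failed; the function names are hypothetical.

```python
import re

# Lines copied from the CuteFTP session quoted in the post (subset).
SAMPLE_LOG = """\
COMMAND:> PASV
227 Entering Passive Mode (203,130,252,37,109,220)
COMMAND:> LIST
STATUS:> Connecting data socket...
ERROR:> Failed to establish data socket
425 Failed to establish connection.
COMMAND:> PASV
227 Entering Passive Mode (203,130,252,37,149,253)
COMMAND:> LIST
STATUS:> Connecting data socket...
ERROR:> Failed to establish data socket
425 Failed to establish connection.
"""

# RFC 959 PASV reply: (h1,h2,h3,h4,p1,p2), each field one byte in decimal.
PASV_RE = re.compile(r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

def decode_pasv(line):
    """Return (ip, port) from a 227 reply, or None if the line is not a valid one."""
    m = PASV_RE.match(line.strip())
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None  # a field that does not fit in one byte is malformed
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def failed_data_connections(log_text):
    """List the (ip, port) of every PASV endpoint that was followed by a 425 reply."""
    pending, failed = None, []
    for line in log_text.splitlines():
        endpoint = decode_pasv(line)
        if endpoint:
            pending = endpoint          # data connection the client will attempt next
        elif pending and line.startswith("425 "):
            failed.append(pending)      # server reports the data connection never arrived
            pending = None
    return failed

if __name__ == "__main__":
    for ip, port in failed_data_connections(SAMPLE_LOG):
        print(f"data connection to {ip}:{port} was not established")
```

The decoded ports are the destination ports to look for when checking the firewall log for dropped packets from the client.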