Re: open ports with firehol
On 29/04/2004 Daniel Pittman wrote:
> > Does not connection tracking take care of both active and passive FTP?
> > These both should fall under state RELATED not state NEW.
>
> The firehol script treats it as a complex service, because there are
> connections going both ways. If you look at the relevant function in
> /lib/firehol/firehol (line 869) you will see what firehol does to set it
> up.

Mh, now with

    server_myftp_ports="tcp/211:215"
    client_myftp_ports="default"

I get, after logging in with 'lftp -p 211 user@www.kidns.de' from a
remote machine and trying to list the content with 'ls':

    `ls' at 0 [Connecting...]
    `ls' at 0 [Sending commands...]
    `ls' at 0 [Waiting for response..]
    `ls' at 0 [Making data connection...]

and there it starts idling for infinity. So it seems like no data is
delivered to my remote machine. Any suggestions why that could be?
From the firewall/ftp machine itself it works well, so no problem with
the ftp-server.

It's quite important to have these 5 ports open, so if you have no
suggestions to fix the above, what do the iptables commands look like to
open these 5 ports for ftp connection?

bye
jonas