Hi Yah,Me again...bit of progress at last, just finished running another backup set tonight and after checking the backup server noticed that again not all files had transferred across via FTP. Then straight after that my hourly logs came through and tonight something showed up :-
Oct 7 22:01:36 ns kernel: Packet log: input DENY eth0 PROTO=6 backupserver.IP:20 raq3server.IP:1080 L=60 S=0x00 I=32118 F=0x4000 T=64 SYN (#37)
IPChains had dropped the return connection with the FTP transfer - is this correct ?
TCP Source Port = 20 IANA registered = ftp-data = File Transfer[Default Data] Comments = Privileged port (<=1023), normally only used by services
Now what rule can I add to IPChains to allow this IP access to FTP services. Currently I've got:-
/sbin/ipchains -A input -s 0.0.0.0/0.0.0.0 21 -d 0.0.0.0/0.0.0.0 1024:65535 -i eth0 ! -y -p tcp -j ACCEPT /sbin/ipchains -A input -s 0.0.0.0/0.0.0.0 20 -d 0.0.0.0/0.0.0.0 1024:65535 -i eth0 -p tcp -j ACCEPT /sbin/ipchains -A output -s 0.0.0.0/0.0.0.0 21 -d 0.0.0.0/0.0.0.0 1024:65535 -i eth0 ! -y -p tcp -j ACCEPT /sbin/ipchains -A output -s 0.0.0.0/0.0.0.0 20 -d 0.0.0.0/0.0.0.0 1024:65535 -i eth0 -p tcp -j ACCEPT
I've already added both IP's into the host.allow file using in.proftpd line but that didn't seem to work.
Many thanks in advance Chae