Re: [cobalt-users] Raq3 Mysterious Death & Backup Mystery
- Subject: Re: [cobalt-users] Raq3 Mysterious Death & Backup Mystery
- From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon Oct 7 04:08:00 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
On Mon, 7 Oct 2002, Chae wrote:
> Hi Yah,
>
> Me again...bit of progress at last, just finished running another backup
> set tonight and after checking the backup server noticed that again not all
> files had transferred across via FTP. Then straight after that my hourly
> logs came through and tonight something showed up :-
>
> Oct 7 22:01:36 ns kernel: Packet log: input DENY eth0 PROTO=6
> backupserver.IP:20 raq3server.IP:1080 L=60 S=0x00 I=32118 F=0x4000 T=64 SYN
> (#37)
>
> IPChains had dropped the return connection with the FTP transfer - is this
> correct ?
>
> >TCP Source Port = 20
> >IANA registered = ftp-data = File Transfer
> >[Default Data] Comments = Privileged port (<=1023), normally only used by
> >services
>
> Now what rule can I add to IPChains to allow this IP access to FTP
> services. Currently I've got:-
>
> /sbin/ipchains -A input -s 0.0.0.0/0.0.0.0 21 -d 0.0.0.0/0.0.0.0 1024:65535
> -i eth0 ! -y -p tcp -j ACCEPT
> /sbin/ipchains -A input -s 0.0.0.0/0.0.0.0 20 -d 0.0.0.0/0.0.0.0 1024:65535
> -i eth0 -p tcp -j ACCEPT
> /sbin/ipchains -A output -s 0.0.0.0/0.0.0.0 21 -d 0.0.0.0/0.0.0.0
> 1024:65535 -i eth0 ! -y -p tcp -j ACCEPT
> /sbin/ipchains -A output -s 0.0.0.0/0.0.0.0 20 -d 0.0.0.0/0.0.0.0
> 1024:65535 -i eth0 -p tcp -j ACCEPT
# Allow packets with ack bit set, they're from an established connection.
/sbin/ipchains -A input ! -y -p tcp -s 0/0 -d 0/0 -j ACCEPT
Gerald
--
http://frontstreetnetworks.com | http://raqware.com
Front Street Networks LLC | Phone: +1 203-785-0699
229 Front Street, Ste. C, New Haven, CT. 06513-3203
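
Added example (not part of either message above): a small Python parser for the ipchains packet-log line quoted in the thread, which then checks which of the thread's three input-chain rules match the logged packet on its fields. The 192.0.2.x addresses are constructed stand-ins for the redacted hosts, the rule labels and function names are my own, and the code assumes the log's SYN marker corresponds to what `-y` tests.

```python
import re

# Layout of a Linux 2.2 ipchains "-l" log entry, as in the line quoted in the thread.
LOG_RE = re.compile(
    r"Packet log: (?P<chain>\S+) (?P<action>\S+) (?P<iface>\S+) PROTO=(?P<proto>\d+) "
    r"(?P<src>\S+):(?P<sport>\d+) (?P<dst>\S+):(?P<dport>\d+) "
    r"L=\d+ S=0x[0-9A-Fa-f]+ I=\d+ F=0x[0-9A-Fa-f]+ T=\d+(?P<syn> SYN)? \(#(?P<rule>\d+)\)"
)

def parse(line):
    """Return the logged packet as a dict, or None if the line is not a packet log."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    pkt = m.groupdict()
    for key in ("proto", "sport", "dport", "rule"):
        pkt[key] = int(pkt[key])
    pkt["syn"] = pkt["syn"] is not None  # assumption: log "SYN" == what -y matches
    return pkt

# The three input-chain rules from the thread, reduced to the fields they test.
# Ports are inclusive (low, high) ranges; syn=False stands for "! -y", None for
# "not tested". The -i eth0 test is left out: the logged packet arrived on eth0.
RULES = {
    "input sport 21, ! -y": {"sport": (21, 21), "dport": (1024, 65535), "syn": False},
    "input sport 20": {"sport": (20, 20), "dport": (1024, 65535), "syn": None},
    "input ! -y any": {"sport": (0, 65535), "dport": (0, 65535), "syn": False},
}

def rule_matches(rule, pkt):
    """Field-by-field match of one TCP rule against a parsed packet."""
    if pkt["proto"] != 6:
        return False
    if not rule["sport"][0] <= pkt["sport"] <= rule["sport"][1]:
        return False
    if not rule["dport"][0] <= pkt["dport"] <= rule["dport"][1]:
        return False
    return rule["syn"] is None or rule["syn"] == pkt["syn"]

def matching_rules(line):
    """Labels of the rules in RULES whose field tests the logged packet satisfies."""
    pkt = parse(line)
    return [] if pkt is None else [n for n, r in RULES.items() if rule_matches(r, pkt)]

# Constructed sample: the thread's log line rejoined onto one line, with
# documentation addresses in place of backupserver.IP and raq3server.IP.
SAMPLE = ("Oct 7 22:01:36 ns kernel: Packet log: input DENY eth0 PROTO=6 "
          "192.0.2.10:20 192.0.2.20:1080 L=60 S=0x00 I=32118 F=0x4000 T=64 SYN (#37)")

if __name__ == "__main__":
    print(parse(SAMPLE))
    print(matching_rules(SAMPLE))
```

ipchains acts on the first rule in a chain that matches, so this output reflects field matching only, not the order in which the rules were loaded.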