
[cobalt-users] FTP Problems



I just recently installed a firewall on my server, and now I am having trouble
FTPing files off the server to a different location; my raqbackup fails now.
Basically, what happens is this:

[admin logs]$ ftp domain.com
Connected to home.toddwoolums.com.
220 ProFTPD 1.2.5 Server (ProFTPD) [My Backup Server]
Name (domain.com:admin): user
331 Password required for backup.
Password:
230 User user logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> send output-ftptest.log
local: output-ftptest.log remote: output-ftptest.log
200 PORT command successful.
421 No Transfer Timeout (300 seconds): closing control connection.

Just times out.

Here is my firewall rule
ipchains -A input -i eth0 -p tcp --destination-port 137 --syn -j DENY
# TCP
# serve ftp for NON-passive clients_ONLY_
ipchains -A input -i eth0 -p tcp --destination-port 20:21 --syn -j ACCEPT -l
# serve ssh - 2828
ipchains -A input -i eth0 -p tcp --destination-port 2828 --syn -j ACCEPT -l
# serve smtp - 25
ipchains -A input -i eth0 -p tcp --destination-port 25 --syn -j ACCEPT
# serve http - 80
ipchains -A input -i eth0 -p tcp --destination-port 80 --syn -j ACCEPT
# serve https admin - 81
ipchains -A input -i eth0 -p tcp --destination-port 81 --syn -j ACCEPT -l
# serve pop3 - 110
ipchains -A input -i eth0 -p tcp --destination-port 110 --syn -j ACCEPT
# disallow SYN on all else
ipchains -A input -i eth0 -p tcp --syn -j DENY -l

ipchains -A input -i eth0 --source 207.218.223.135 -j DENY
#allow gateway
ipchains -A input -i eth0 --source mygateway -j ACCEPT
# allow existing TCP sessions to continue
ipchains -A input -i eth0 -p tcp -j ACCEPT


# UDP
# DNS response
ipchains -A output -p udp --dport 53 -j ACCEPT
ipchains -A input -p udp --sport 53 -j ACCEPT



# ICMP allowed
ipchains -A input -i eth0 -p icmp -j ACCEPT

# serve https admin - 443
ipchains -A input -i eth0 -p tcp --destination-port 443 --syn -j ACCEPT -l


# disallow all else
ipchains -A input -i eth0 -j DENY -l


Any suggestions so I can get my backups working again?

Thanks
--Todd
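
Added example, not part of the original post: a first-match trace of the TCP and ICMP input rules quoted above, applied to the packet an active-mode (PORT) transfer depends on, which is the remote FTP server opening the data connection back to the client from port 20. The host names, the ephemeral ports and the reduced packet model are constructed for illustration, and the UDP rules are left out.

```python
# Added illustration: first-match evaluation of the eth0 input rules from the post.
# Rule fields: (label, proto, dport range, has --syn, source, target); None = any.
RULES = [
    ("deny 137",                 "tcp",  (137, 137),   True, None, "DENY"),
    ("ftp 20:21",                "tcp",  (20, 21),     True, None, "ACCEPT"),
    ("ssh 2828",                 "tcp",  (2828, 2828), True, None, "ACCEPT"),
    ("smtp 25",                  "tcp",  (25, 25),     True, None, "ACCEPT"),
    ("http 80",                  "tcp",  (80, 80),     True, None, "ACCEPT"),
    ("https admin 81",           "tcp",  (81, 81),     True, None, "ACCEPT"),
    ("pop3 110",                 "tcp",  (110, 110),   True, None, "ACCEPT"),
    ("disallow SYN on all else", "tcp",  None,         True, None, "DENY"),
    ("deny 207.218.223.135",     None,   None, None, "207.218.223.135", "DENY"),
    ("allow gateway",            None,   None, None, "mygateway", "ACCEPT"),
    ("existing TCP sessions",    "tcp",  None, None, None, "ACCEPT"),
    ("icmp allowed",             "icmp", None, None, None, "ACCEPT"),
    ("https admin 443",          "tcp",  (443, 443),   True, None, "ACCEPT"),
    ("disallow all else",        None,   None, None, None, "DENY"),
]

def verdict(pkt):
    """Return (label, target) of the first rule matching pkt, as ipchains does."""
    for label, proto, dports, syn, source, target in RULES:
        if proto and pkt["proto"] != proto:
            continue
        if dports and not dports[0] <= pkt.get("dport", -1) <= dports[1]:
            continue
        # --syn matches only packets with SYN set and ACK/FIN clear
        if syn and not pkt.get("syn_only", False):
            continue
        if source and pkt["src"] != source:
            continue
        return label, target
    return "no rule matched", None

# Constructed packets; "backup-server" stands in for the remote FTP host.
ACTIVE_DATA_SYN = {"proto": "tcp", "src": "backup-server",
                   "sport": 20, "dport": 40000, "syn_only": True}
CONTROL_REPLY = {"proto": "tcp", "src": "backup-server",
                 "sport": 21, "dport": 40001, "syn_only": False}
HTTPS_SYN = {"proto": "tcp", "src": "some-client",
             "dport": 443, "syn_only": True}

if __name__ == "__main__":
    for name, pkt in [("active-mode data SYN", ACTIVE_DATA_SYN),
                      ("control-channel reply", CONTROL_REPLY),
                      ("new connection to 443", HTTPS_SYN)]:
        print(name, "->", verdict(pkt))
```

The control-channel replies pass as existing sessions, while the inbound data connection is a fresh SYN to an unlisted port and is denied. The same trace shows a new connection to port 443 matching "disallow SYN on all else" before it reaches its own ACCEPT rule.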