[cobalt-users] Firewall active but ftp no longer working
- Subject: [cobalt-users] Firewall active but ftp no longer working
- From: "R. Hamburg .: HaVa Web- & Processdesign :." <user@xxxxxxx>
- Date: Fri Oct 31 08:03:01 2003
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
Hi All,
Long time no see.
I have a firewall running ipchains and a script.
Now there are some clients complaining of not being able to send mails and ftp.
Here are the related lines.
/sbin/ipchains -A input -i eth0 -s 127.0.0.1 -j ACCEPT
/sbin/ipchains -A input -i eth0 -s XXX.XXX.XXX.XXX -j ACCEPT
/sbin/ipchains -A input -i eth0 -p tcp --destination-port 20:21 --syn -j ACCEPT
/sbin/ipchains -A input -i eth0 -p tcp --destination-port 25 --syn -j ACCEPT
/sbin/ipchains -A input -i eth0 -p tcp --destination-port 110 --syn -j ACCEPT
/sbin/ipchains -A input -i eth0 -s 10.0.0.0/8 -d 0/0 -j DENY
/sbin/ipchains -A input -i eth0 -s 172.16.0.0/12 -d 0/0 -j DENY
/sbin/ipchains -A input -i eth0 -s 192.168.0.0/16 -d 0/0 -j DENY
/sbin/ipchains -A input -i eth0 -s 127.0.0.0/8 -d 0/0 -j DENY
/sbin/ipchains -A input -i eth0 -j DENY
Note that XXX.XXX.XXX.XXX is the IP of the box. Note that this is not the
complete list of rules but the ones considered necessary for this question.
If you need more info please ask.
I think this has something to do with passive and active ftp transfers using
a high when connected. You can connect but it is not possible to list a dir
in ftp or upload something. Any thoughts would be greatly appreciated.
Robbert
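
A first-match trace of the rules quoted in this message, as an added example that is not part of the original post: it shows which packets of an FTP or SMTP session reach the final DENY. It models only the posted rules (the poster says the list is incomplete, so omitted rules may change the outcome), treats every packet as TCP arriving on eth0, and uses constructed addresses and a constructed high port (50000).

```python
import ipaddress
from collections import namedtuple

# Constructed placeholder addresses (documentation ranges); the post masks the real one.
BOX_IP, CLIENT_IP = "203.0.113.10", "198.51.100.7"

Packet = namedtuple("Packet", "src dport syn ack fin", defaults=(False, False, False))
Rule = namedtuple("Rule", "target src dports syn_only", defaults=("0.0.0.0/0", None, False))

# The posted input-chain rules, in the order they were appended.
RULES = [
    Rule("ACCEPT", "127.0.0.1/32"),
    Rule("ACCEPT", BOX_IP + "/32"),
    Rule("ACCEPT", dports=(20, 21), syn_only=True),
    Rule("ACCEPT", dports=(25, 25), syn_only=True),
    Rule("ACCEPT", dports=(110, 110), syn_only=True),
    Rule("DENY", "10.0.0.0/8"),
    Rule("DENY", "172.16.0.0/12"),
    Rule("DENY", "192.168.0.0/16"),
    Rule("DENY", "127.0.0.0/8"),
    Rule("DENY"),
]

def matches(rule, pkt):
    if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(rule.src):
        return False
    if rule.dports and not rule.dports[0] <= pkt.dport <= rule.dports[1]:
        return False
    # ipchains --syn (-y): SYN set, ACK and FIN clear, i.e. only the opening packet.
    if rule.syn_only and not (pkt.syn and not pkt.ack and not pkt.fin):
        return False
    return True

def verdict(pkt):
    """Return (1-based rule number, target) of the first matching rule."""
    for n, rule in enumerate(RULES, 1):
        if matches(rule, pkt):
            return n, rule.target
    return None, "chain policy"

# Constructed sample packets, all sent by the client towards the box.
SAMPLES = {
    "control SYN to port 21": Packet(CLIENT_IP, 21, syn=True),
    "passive-mode data SYN to high port": Packet(CLIENT_IP, 50000, syn=True),
    "active-mode SYN/ACK back to port 20": Packet(CLIENT_IP, 20, syn=True, ack=True),
    "SMTP ACK after the handshake": Packet(CLIENT_IP, 25, ack=True),
}
if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(f"{name:38} -> rule {verdict(pkt)[0]}: {verdict(pkt)[1]}")
```
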