[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Linux 2.2.19 IPCHAINS Firewall + FTP woes

Subject: [ale] Linux 2.2.19 IPCHAINS Firewall + FTP woes
From: fishy at ipa.net (Thomas Holmquist)
Date: Thu, 24 Jul 2003 20:45:05 -0400

No, the only time you need to open up more than one port is when your 
doing passive FTP, and even then you can tell the FTP daemon to only use 
a small range of ports, so setting a DMZ on your router is not needed

Dow Hurst wrote:

> Switch to scp.  Don't use ftp to connect to a machine inside your 
> firewall from the Internet.  You need a DMZ or exposed server to 
> provide ftp services.
> Dow
>
>
> Nathan J. Underwood wrote:
>
>> An associate has a linux firewall running RH Linux (kernel 2.2.19), 
>> ipchains
>> 1.3.9 to protect a small firm (~5 users).  This has worked well in 
>> the past, but
>> now he needs to put a FTP server behind it (currently has webserver, 
>> and mail
>> server behind it).  It's been a very long time since I've worked with 
>> the 2.2.x
>> kernel, and an ipchains firewall for that matter, but I definately 
>> remember
>> losing some hair over trying to get FTP to work from behind it.  We 
>> can get to
>> the box, and log into the FTP server, but we are unable to get a 
>> directory
>> listing.  I have verified that ip_masq_ftp is loaded, but lsmod 
>> reports that
>> it's unused (see below).  Any ideas?  What am I missing?  Many thanks
>>
>> lsmod
>> Module                  Size  Used by
>> ip_masq_ftp             3740   0  (unused)
>> ip_masq_portfw          2656  48
>>
>>
>>  
>>
>


_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

Prev by Date: [ale] LUG Sues SCO
Next by Date: [ale] samba question
Previous by thread: [ale] Linux 2.2.19 IPCHAINS Firewall + FTP woes
Next by thread: [ale] identd + sendmail
Index(es):
- Date
- Thread