[Fwd: Firewall ( iptables ) enabled for ftp ( active mode & passive mode ) problem]
François Patte
francois.patte at mi.parisdescartes.fr
Sat Mar 27 15:53:15 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Le 27/03/2010 13:04, Edward. S. P. Leong a écrit :
> Hello,
>
> [root at host1 ~]# lsmod|grep ftp
> [root at host1 ~]#
>
> Output is nothing
>
> And:
>
> [root at host1 ~]# iptables -A INPUT -i eth1 -m nf_conntrack_ftp -p tcp
> --dport 21 -d 192.168.1.254 -j ACCEPT
> iptables v1.4.3.1: Couldn't load match
> `nf_conntrack_ftp':/lib/xtables/libipt_nf_conntrack_ftp.so: cannot open
> shared object file: No such file or directory
>
> Try `iptables -h' or 'iptables --help' for more information.
> [root at host1 ~]#
>
> No of the modules can't be loaded...
>
> Any other help ?
/sbin/iptables -A OUTPUT -o ppp0 -p tcp --dport 21 -m state --state \
NEW,ESTABLISHED -j ACCEPT
/sbin/iptables -A INPUT -i ppp0 -p tcp --sport 21 -m state --state \
ESTABLISHED -j ACCEPT
/sbin/iptables -A OUTPUT -o ppp0 -p tcp --dport 20 -m state --state \
NEW,ESTABLISHED -j ACCEPT
/sbin/iptables -A INPUT -i ppp0 -p tcp --sport 20 -m state --state \
ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A OUTPUT -o ppp0 -p tcp --sport 1024:65535 --dport \
1024:65535 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A INPUT -i ppp0 -p tcp --sport 1024:65535 --dport \
1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
To be adapted to your config..... (obviously you have $int instead of my
ppp0.... etc.)
- --
François Patte
UFR de mathématiques et informatique
Université Paris Descartes
45, rue des Saints Pères
F-75270 Paris Cedex 06
Tél. +33 (0)1 4286 2145
http://www.math-info.univ-paris5.fr/~patte
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkuuKeoACgkQdE6C2dhV2JUJywCcCXn7wmkE6rqHytWXVedwftii
i54AoK0ZGGZMz3aVtRLvLoDey/LLET81
=GYQx
-----END PGP SIGNATURE-----
More information about the users
mailing list