Iptables Firewall & Ftp

06-23-2004, 12:07 AM

I am setting up a webserver. I want smtp,pop3, http, ftp and etc. to all
pass through the firewall. Some reason FTP will not work. Can someone tell
me what I got wrong?

Thanks.

Matt

/etc/sysconfig/iptables

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 53 -j
ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 53 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j
ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j
ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 110 -j
ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 113 -j
ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 113 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 143 -j
ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 143 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j
ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2222 -j
ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 20 -j
ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 20 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j
ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j
ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 23 -j
ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

06-23-2004, 12:49 AM

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Matt wrote:
| I am setting up a webserver. I want smtp,pop3, http, ftp and etc. to all
| pass through the firewall. Some reason FTP will not work. Can someone tell
| me what I got wrong?

As I asked to your post in alt.os.linux, did you remember to modprobe/insmod
the ip_nat_ftp module?

[snip]

PS: Please don't multipost. If you think that more than one newsgroup may be
able to assist you, please crosspost to the relevant groups. If you can,
please set the followups to the best group for the discussion.

- --
Lew Pitcher

Master Codewright & JOAT-in-training | GPG public key available on request
Registered Linux User #112576 (http://counter.li.org/)
Slackware - Because I know what I'm doing.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFA2NOEagVFX4UWr64RAiv1AJ46Faa6BLKG1ar4vIdoxC KciMRiPQCgxOry
XPykw8VqzLuKBzYDBoSyyI0=
=zToI
-----END PGP SIGNATURE-----

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Firewall with Iptables	Stefan Malte Schumacher	Linux Networking	12	01-07-2008 11:41 AM
iptables firewall do-over	William Gill	Linux Networking	4	06-19-2007 06:36 PM
apm and iptables (firewall)	Patricia McNeelege	Linux Networking	1	02-27-2004 10:01 AM
Firewall with iptables	Henry	Linux Networking	1	08-17-2003 05:37 PM
Firewall with iptables	Henry	Linux Networking	1	07-10-2003 05:33 PM