Re: i need a little help with ftp please...

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Joel Newkirk <netfilter@newkirk.us>
To: mpboden <mpboden@surfcity.net>, netfilter@lists.netfilter.org
Subject: Re: i need a little help with ftp please...
Date: Wed, 5 Feb 2003 23:41:57 -0500	[thread overview]
Message-ID: <200302052341.57529.netfilter@newkirk.us> (raw)
In-Reply-To: <004501c2cd8a$90751b90$483918ac@C1006818>

(extremely heavily snipped... :^)
On Wednesday 05 February 2003 09:50 pm, mpboden wrote:

> Basically, my problem centers around connecting to my ftp server from
> the internet. To start, I've installed wu-ftpd and have the ftp server
> operating properly when connecting to it via my internal network. I
> can have guest users log in successfully and upload/download properly.
> However, with the current iptables ruleset in place, no one can
> connect to the server from the internet. The packets are being dropped
> immediately, and users are not even being promted to enter in their
> user name and password; they get a connection timed out error. As a

>$IPTABLES -A INPUT -i $INTIF -s $INTNET -d $UNIVERSE -j ACCEPT

> $IPTABLES -A INPUT  -i $EXTIF -p tcp --sport 21 -m state --state
> NEW,ESTABLISHED -j ACCEPT

The (real) short answer.  The first rule above accepts any connection 
from the LAN, including FTP.  The second one should be "--dport 21" to 
accept FTP connections FROM the internet.  (You probably DON'T want to 
accept NEW connections FROM port 21 anyway...)

The LONG answer is in a private email. :^)

j

     prev parent reply	other threads:[~2003-02-06  4:41 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20030205232733.8532.43059.Mailman@kashyyyk>
2003-02-06  2:50 ` i need a little help with ftp please mpboden
2003-02-06  4:41   ` Joel Newkirk [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200302052341.57529.netfilter@newkirk.us \
    --to=netfilter@newkirk.us \
    --cc=mpboden@surfcity.net \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.