Firewall and FTP

Klaus Tumczak klaus_t at nickles.de
Sat Nov 9 10:06:14 PST 2002


On Sam, Nov 09, 2002 at 04:50:19 +0100, Oliver Eickenberg wrote:
> Hello,
> 
> With my firewall working for a few weeks now (thanks again for the help 
> i received here) i discovered one problem left:
> 
> I tried to grant access to Internet-FTP-sites for my LAN whith enabling 
> port 21 exactly as i had enabled port 80 for http. I could connect to 
> sites and login successfully but then got timed out every time on any site.
> 
> I searched the net and found out, that this is not a surprise, because 
> port 21 is only used as a kind of ftp-handshaking and that the 
> data-transfer is handled on a separate port. For that port is not always 
> the same, how can one now build a firewall with ftp going through ? That 
> question, the sites i found haven't answered understandable for me.
> 
> Is somebody here who knows a solution ?

Lokk here:

http://www.sns.ias.edu/~jns/security/iptables/iptables_conntrack.html#FTP

> Thanks, Oliver

Bye, Klaus
 
-- 
"The PROPER way to handle HTML postings is to cancel the article, then
hire a hitman to kill the poster, his wife and kids, and fuck his dog
and smash his computer into little bits. Anything more is just
extremism."     -- Paul Tomblin
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe blfs-support' in the subject header of the message



More information about the blfs-support mailing list