IPTABLES rules for active FTP
Steve Flynn
anothermindbomb at gmail.com
Tue May 19 19:10:24 UTC 2009
On Tue, May 19, 2009 at 6:22 PM, Noah <admin2 at enabled.com> wrote:
> Hi there,
>
> What are the best iptables rules for active FTP connections?
Google should give you something along the lines of
/sbin/modprobe ip_conntrack_ftp
iptables -A INPUT -p TCP -i eth0 --dport 21 -m state --state NEW -j ACCEPT
iptables -A INPUT -p ALL -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p ALL -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
Note - completely untested. I never have had a need to run anything
other than Passive.
--
Steve
When one person suffers from a delusion it is insanity. When many
people suffer from a delusion it is called religion.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
More information about the ubuntu-users
mailing list