iptables rules for ftp

Discussion in 'Installation/Configuration' started by flourishing, Jun 17, 2006.

  1. flourishing

    flourishing New Member

    the rules not red is the orginal rules only accept 22 ssh . and i want it allow ftp server can access by ie or ftp client. how should the rules be ?
    the red rules is I added ,but it doesn't work .

    thanks for help .
     
  2. brianaustin

    brianaustin New Member

    try this

    -A RH-Firewall-1-INPUT -p tcp --dport 21 -j ACCEPT
    -A RH-Firewall-1-INPUT -p tcp --dport 20 -j ACCEPT

    also
    -A RH-Firewall-1-INPUT -j LOG (I think thats the syntax)

    and look at syslog to see whats happening when you ftp

    also you may need some --sport 20,21 rules

    b
     
  3. falko

    falko Super Moderator Howtoforge Staff

    Which distribution do you use?
     
  4. dealspiggy

    dealspiggy New Member

    I'm using centOS 5.1

    thanks
     
  5. NixerX

    NixerX New Member

    Do you need to /sbin/modprobe ip_conntrack_ftp ?
     
  6. topdog

    topdog Active Member

    Due to the nature of the FTP protocol yes you need connection tracking so the module needs to be loaded to make it permanent add the module to

    /etc/sysconfig/iptables-config
     

Share This Page