The rules not in red are the original rules, which only accept 22 (SSH), and I want to allow the FTP server to be accessed by IE or an FTP client. How should the rules be? The red rules are the ones I added, but they don't work. Thanks for the help.
Try this:
-A RH-Firewall-1-INPUT -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 20 -j ACCEPT
Also:
-A RH-Firewall-1-INPUT -j LOG
(I think that's the syntax), and look at syslog to see what's happening when you FTP. Also, you may need some --sport 20,21 rules b
Due to the nature of the FTP protocol, yes, you need connection tracking, so the module needs to be loaded. To make it permanent, add the module to /etc/sysconfig/iptables-config.
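An added illustration, not code from any poster in this thread, of why rules for ports 20 and 21 alone are not enough: the data port is negotiated inside the control channel, and a connection-tracking helper has to read it from there. The sample lines, addresses and function names below are constructed for this example.

```python
import re

# Six comma-separated decimal bytes: h1,h2,h3,h4,p1,p2 (RFC 959 host-port).
_HOSTPORT = re.compile(
    r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

STATIC_PORTS = {20, 21}  # the --dport values opened in the thread's rules


def data_endpoint(line):
    """Return (mode, ip, port) announced on the control channel, or None."""
    text = line.strip()
    if text.upper().startswith("PORT "):
        mode = "active"    # client tells the server where to connect back
    elif text.startswith("227"):
        mode = "passive"   # server tells the client which port it opened
    else:
        return None
    m = _HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None        # malformed host-port, ignore it
    ip = ".".join(str(n) for n in nums[:4])
    return mode, ip, nums[4] * 256 + nums[5]


def needs_related(line):
    """True if the line announces an inbound data connection to a server
    port that the static --dport 20/21 rules do not cover."""
    ep = data_endpoint(line)
    return bool(ep) and ep[0] == "passive" and ep[2] not in STATIC_PORTS


# Constructed control-channel lines, for illustration only.
SAMPLE = [
    "220 FTP server ready",
    "PORT 192,168,1,10,19,137",
    "227 Entering Passive Mode (192,168,1,5,195,80).",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(f"{line!r:55} -> {data_endpoint(line)} "
              f"needs RELATED: {needs_related(line)}")
```

In passive mode the client connects to a server port chosen per session, so the INPUT chain can only admit it through a RELATED match supplied by the FTP connection-tracking module.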