At 07:03 05.11.2002, Luke Brown said:
--------------------[snip]--------------------
>I'm trying to ftp to one of our internal machines from externally with
>little success. Works fine on the local side of the firewall however I
>cannot get a directory listing from outside, login is fine however.
>
>My iptables rules are as follows to allow access through to the server,
>anything I'm missing?
>
>iptables -A FORWARD -p tcp -d $FTP --dport ftp -j ACCEPT
>iptables -A FORWARD -p tcp -d $FTP --dport ftp-data -j ACCEPT
--------------------[snip]--------------------

You are missing the reverse direction - you only allow traffic to your FTP
host (-d $FTP) but (if your default rule is to DROP packets you don't
specifically allow) you're discarding traffic back. Add these two lines:

iptables -A FORWARD -p tcp -s $FTP --dport ftp -j ACCEPT
iptables -A FORWARD -p tcp -s $FTP --dport ftp-data -j ACCEPT

OTOH you might simply have to use passive FTP from the outside. Check your
FTP client how to enable PASV.

--
   >O     Ernest E. Vogelsinger
   (\)    ICQ #13394035
    ^     http://www.vogelsinger.at/
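
Added example, not part of either message above: a stateful alternative to per-direction port rules, in which connection tracking admits the return packets and the FTP conntrack helper marks the data connections (active or passive) as RELATED. The address 192.0.2.10 is a constructed sample, and the rules assume a current kernel (nf_conntrack_ftp module, CT target) with no NAT between client and server.

```shell
#!/bin/sh
# Added example: stateful FORWARD rules for an FTP server behind the firewall.
# Dry run by default: the commands are printed, not executed.
# To apply them, run as root with IPT=iptables MODPROBE=modprobe.
IPT=${IPT:-echo iptables}
MODPROBE=${MODPROBE:-echo modprobe}

ftp_forward_rules() {
    ftp=$1    # address of the internal FTP server

    # The helper parses PORT/PASV on the control channel so that the
    # data connection it announces is tracked as RELATED.
    # (2.4-era kernels call the module ip_conntrack_ftp.)
    $MODPROBE nf_conntrack_ftp

    # Current kernels do not attach helpers automatically; bind the ftp
    # helper to control connections addressed to this server only.
    $IPT -t raw -A PREROUTING -p tcp -d "$ftp" --dport 21 -j CT --helper ftp

    # Replies in either direction, plus data connections the helper
    # has marked RELATED. No ftp-data or high-port range is opened.
    $IPT -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

    # Only new connections to the control port are accepted from outside.
    $IPT -A FORWARD -p tcp -d "$ftp" --dport 21 \
        -m conntrack --ctstate NEW -j ACCEPT
}

# Constructed sample address (documentation range).
ftp_forward_rules 192.0.2.10
```

The helper cannot read the control channel when it is encrypted (FTP over TLS), so data connections are then not recognised as RELATED.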