LinuxQuestions.org
Old 01-13-2006, 04:38 PM   #1
raf_iso
LQ Newbie
 
Registered: Jul 2005
Posts: 18

Easy question about the firewall :)


Hello,

Can someone tell me how to allow everything on eth0 and only ftp (20-21) + passive range (xxxx-yyyy) on eth1?

I tried to play with iptables... but the following commands are not working as expected. Everything seems to be blocked.

Code:
# the goal :
# eth0 = OK for samba, httpd, snmp... everything EXCEPT
# eth1 = ftp server
#
iptables -P INPUT DROP
iptables -A INPUT -i eth0 -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport 20:21 -j ACCEPT 
iptables -A INPUT -i eth1 -p tcp --dport 30000:33000 -j ACCEPT
It's a Fedora 4 box.

Thanks for your help
rafiso
 
Old 01-13-2006, 06:59 PM   #2
pljvaldez
LQ Guru
 
Registered: Dec 2005
Location: Somewhere on the String
Distribution: Debian Wheezy (x86)
Posts: 6,094

If you have a GUI, try installing a GUI frontend like guarddog or firestarter.
 
Old 01-14-2006, 02:53 AM   #3
raf_iso
LQ Newbie
 
Registered: Jul 2005
Posts: 18

Original Poster
Hi, thanks for your message.

Anyway, I already tried with Firestarter but I'm not able to get these rules working.

Does nobody know the few lines that I should have?

Firestarter and all these GUIs seem to be for routers! I mean there is an "internet interface" and a "lan"... for me it's easier: both are in the LAN! I want to allow ONLY FTP with the passive range on eth1 and everything else on eth0.

I'm getting mad with this

thx for the help

Last edited by raf_iso; 01-14-2006 at 02:56 AM.
 
Old 01-14-2006, 03:45 AM   #4
pk21
Member
 
Registered: Jun 2002
Location: Netherlands - Amsterdam
Distribution: RedHat 9
Posts: 549

First try if active ftp works; if it does, then you probably only have to load the connection tracking module to enable passive ftp.
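
Added example, not part of the thread or any poster's code: a shell function that prints an iptables-restore ruleset for the layout in post #1, combining the explicit passive range with the connection-tracking approach from post #4. The function names are hypothetical; the interfaces and range in the usage line are the ones from post #1, and leaving FORWARD and OUTPUT at ACCEPT is an assumption.

```shell
#!/bin/sh
# Added example. Usage (as root):
#   ftp_fw_rules eth0 eth1 30000 33000 | iptables-restore
# FTP conntrack helper (post #4): modprobe ip_conntrack_ftp on 2.6-era
# kernels, nf_conntrack_ftp on later ones. Kernels that disable automatic
# helper assignment also need a "-t raw ... -j CT --helper ftp" rule.

# valid_port N: succeeds only for an integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# valid_if NAME: reject empty names and anything that could inject options
valid_if() {
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
}

# ftp_fw_rules OPEN_IF FTP_IF PASV_LOW PASV_HIGH
# Prints the ruleset on stdout; returns 2 on bad arguments.
ftp_fw_rules() {
    open_if=$1 ftp_if=$2 lo_port=$3 hi_port=$4
    if ! valid_if "$open_if" || ! valid_if "$ftp_if"; then
        echo "usage: ftp_fw_rules OPEN_IF FTP_IF PASV_LOW PASV_HIGH" >&2
        return 2
    fi
    if ! valid_port "$lo_port" || ! valid_port "$hi_port" ||
       [ "$lo_port" -gt "$hi_port" ]; then
        echo "invalid passive port range: $lo_port:$hi_port" >&2
        return 2
    fi
    # Loopback and reply traffic first. Active-mode data connections leave
    # from server port 20, so their return packets match ESTABLISHED and no
    # inbound rule for port 20 is needed.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $open_if -j ACCEPT
-A INPUT -i $ftp_if -p tcp --dport 21 -m state --state NEW -j ACCEPT
-A INPUT -i $ftp_if -p tcp --dport $lo_port:$hi_port -m state --state NEW -j ACCEPT
COMMIT
EOF
}
```

Piping the output into `iptables-restore` replaces whatever is already in the filter table, so rules left there by the distribution's own firewall script cannot shadow the new ones.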
 
  

