Old 05-20-2003, 03:26 AM   #1
Registered: Nov 2001
Location: singapore
Posts: 120

Rep: Reputation: 15
Networking/ pix firewall issue.

Wonder if anyone can help.

My LAN comprises the internal, DMZ and external zones.
These are controlled by a PIX 515 firewall. In the internal zone, we have a router (64k leased line) to another company (A). If I were to allow company (A) to FTP into one of our LAN servers, how can I secure our server for FTP access only from company (A)?

Right now, the PIX firewall is only able to secure access for the DMZ and external zones. Because the router is in the internal zone and connects to company (A) via the leased line. Wouldn't access via FTP allow company (A) to access all our internal servers? Please advise.

Old 05-21-2003, 03:50 PM   #2
Registered: Aug 2001
Location: Off the coast of Madadascar
Posts: 498

Rep: Reputation: 30
Simple, make an iptables script like this.

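echo "Setting up IP Tables: /etc/iptables"

# Fill in company A's address or CIDR range before running.
COMPANY_A="<company A IP(s)>"

# Load the netfilter and connection-tracking modules:
modprobe ip_tables
modprobe ip_conntrack

# Flush Rules, get rid of any user-defined chains, zero counters:
iptables -F
iptables -F -t nat
iptables -X
iptables -Z

# Set policies for all pre-defined chains:
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP

# Allow FTP control (21) and data (20) from company A; a port list needs -m multiport:
iptables -A INPUT -p tcp -m multiport --dports 20,21 -s "$COMPANY_A" -j ACCEPT
# Allow TCP back out to company A (-d, because these packets leave this host):
iptables -A OUTPUT -p tcp -d "$COMPANY_A" -j ACCEPT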

Just fill in the appropriate IPs or range of IPs. That should work, but it is not ultra secure. So your mileage may vary.
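
An added example, not part of the thread or either poster's code: a stateful variant of the ruleset above that prints the rules for review instead of applying them, admits new connections only to the FTP control port from one validated source, and lets connection tracking admit the data channels. The function names, the 192.0.2.0/24 sample source and the reliance on the ip_conntrack_ftp helper attaching automatically are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Prints a stateful FTP-only ruleset so it
# can be reviewed before being piped to a root shell.
# Assumptions: helper names are hypothetical; 192.0.2.0/24 is a constructed
# sample source; the ip_conntrack_ftp helper attaches automatically, as on the
# 2.4-era ip_conntrack stack the post loads.

# valid_src SRC: succeed only for a dotted-quad IPv4 with optional /0-32 prefix.
valid_src() {
    addr=${1%%/*}
    case $1 in */*) pfx=${1#*/} ;; *) pfx=32 ;; esac
    case $pfx in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$pfx" -le 32 ] || return 1
    # Reject anything but digits and single dots before word-splitting on ".".
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# ftp_rules SRC: print the iptables commands; print nothing and fail on bad SRC.
ftp_rules() {
    valid_src "$1" || { echo "refusing invalid source: $1" >&2; return 1; }
    cat <<EOF
modprobe ip_conntrack_ftp
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp -s $1 --dport 21 -m state --state NEW -j ACCEPT
EOF
}

ftp_rules 192.0.2.0/24
```

Only port 21 is opened to new connections; active and passive data connections are matched as RELATED by the FTP helper, and OUTPUT carries replies only, so the host cannot open arbitrary TCP sessions toward company A.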


All times are GMT -5.