FTP server w/ IPTables
Hi,
I am a newbie and am having a problem setting up an FTP server on RH 7.3 with IPTables as my firewall.
I'm just trying to do something very simple initially as a test. I know my FTP server works perfectly when I set the default policy for the INPUT chain to be "ACCEPT". But obviously this is bad security, so then I changed the default policy for INPUT to "DROP", and then added rules for the FTP ports. I added lines like
$iptables -A INPUT -i $extif -p tcp --dport 21 -j ACCEPT #for control
$iptables -A INPUT -i $extif -p tcp --dport 20 -j ACCEPT #for data
But then nothing worked: my FTP client just stops at the "Connected to xxx.xxx.xxx.xxx port 21" line, and I get no login prompts, nothing.
The interesting thing is that I added in the same rule for port 22 for my SSH server, and my SSH still works perfectly (though login became very slow).
I know it's the firewall that's causing the problem, but I don't know what else to try. I have no idea how to fix it!
Any help would be great, thanks!
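
Added example (not part of the original post or the poster's script): a stateful INPUT ruleset for the setup described above. It assumes the rules shown are the whole INPUT chain, in which case replies to lookups the server itself makes (DNS, ident) and all loopback traffic hit the DROP policy, which would match the slow SSH login and the stalled FTP banner. The defaults for `iptables` and `extif` and the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not the poster's script. Dry run by default: rules are
# printed, not loaded. Run as root with iptables=/sbin/iptables to apply.
iptables="${iptables:-echo iptables}"   # assumption: stands in for the post's $iptables
extif="${extif:-eth0}"                  # assumption: external interface name

build_input_rules() {
    # Default-deny inbound, as in the post.
    $iptables -P INPUT DROP
    # Local daemons talk over loopback; rules bound to -i $extif never match it.
    $iptables -A INPUT -i lo -j ACCEPT
    # Replies to connections this host opened (DNS answers, ident, and the
    # active-mode data channel the server opens from port 20), plus, with the
    # FTP helper loaded, passive-mode data connections RELATED to a session.
    $iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # New inbound connections: FTP control and SSH only. No rule for
    # --dport 20: clients never open new connections to that port.
    $iptables -A INPUT -i "$extif" -p tcp --dport 21 -m state --state NEW -j ACCEPT
    $iptables -A INPUT -i "$extif" -p tcp --dport 22 -m state --state NEW -j ACCEPT
}

load_ftp_helper() {
    # 2.4-kernel module that parses PORT/PASV on the control channel so the
    # matching data connection is classified as RELATED.
    if [ "$iptables" = "echo iptables" ]; then
        echo "modprobe ip_conntrack_ftp"
    else
        modprobe ip_conntrack_ftp
    fi
}

load_ftp_helper
build_input_rules
```

After loading, `iptables -L INPUT -v -n` shows per-rule packet counters, which tells you which rule (or the DROP policy) the FTP traffic is actually hitting.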