LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 02-19-2004, 03:59 AM   #1
PhatZero
LQ Newbie
 
Registered: Jun 2003
Posts: 6

Rep: Reputation: 0
ftp behind iptables fw


heya

hi there!

i am netadmin @ my student's home and been with linux for only half a year
now (win2k lover sitting here) and now i am sitting in front of the fw.

its a linux iptables based fw and i want to run a ftp behind the fw, everyone
in the students home, every user got his own static ip adress,
so i want to know how to allow traffic coming to my ip on a specific port
is being let through by the fw.

i appreciate input and maybe suggestions for a ftpd

cya
phat
 
Old 02-19-2004, 04:27 AM   #2
nowonmai
Member
 
Registered: Jun 2003
Posts: 481

Rep: Reputation: 48
I use proftp
are all the allowable IPs in the same subnet?
if so, you could use something like:
iptables -A INPUT -p tcp -s x.x.x.x/x -i eth0 -dport 21 -j ACCEPT
iptables -A INPUT -p udp -s x.x.x.x/x -i eth0 -dport 21 -j ACCEPT
where x.x.x.x/x is the subnet/size and eth0 is to be replaced with your outward facing interface

if not, you'd have to do:
iptables -A INPUT -p tcp -s x.x.x.x -i eth0 -dport 21 -j ACCEPT
iptables -A INPUT -p udp -s x.x.x.x -i eth0 -dport 21 -j ACCEPT
for each allowable IP address, where x.x.x.x is the IP to allow and eth0 is to be replaced with your outward facing IP address

there's a good tutorial here: http://www.yolinux.com/TUTORIALS/Lin...rkGateway.html

It has a simple setup for dropping everything apart from the connections you want, but doesn't allow for dropping everything not from specific IPs. A combination of what I've said and what's there should get you going.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
ftp and iptables eantoranz Linux - Networking 1 07-04-2005 11:24 AM
iptables and ftp ciberrust Linux - Networking 2 11-19-2004 05:05 PM
IPTables and FTP - ftp on LAN adamgedde Linux - Newbie 6 10-16-2003 08:11 PM
ftp and ftp port forwarding with IPtables?? FunkFlex Linux - Security 3 04-24-2002 03:03 AM
FTP Through IPTables JHuizingh Linux - Networking 5 03-08-2002 11:37 PM


All times are GMT -5. The time now is 04:35 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration