LinuxQuestions.org
Old 11-27-2003, 08:32 PM   #1
f1uke
Member
 
Registered: Jan 2003
Location: norfolk, VA
Distribution: suse 8.2, redhat 8.0
Posts: 60

Rep: Reputation: 15
iptables & conntrack


I am having problems with my ftp and ircing behind my firewall. I've been googling and trying to find out why sometimes these services work, and then out of the blue don't until I flush iptables. I came to the conclusion that I need to use conntrack, but I really need help with this, I couldn't get it to work.
My table looks something like this now:

target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:fsp
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT udp -- anywhere anywhere udp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:auth
ACCEPT tcp -- anywhere anywhere tcp dpt:ident
ACCEPT udp -- anywhere anywhere udp dpts:33000:44000
ACCEPT tcp -- anywhere anywhere tcp dpts:33000:44000
ACCEPT udp -- anywhere anywhere udp dpts:6660:6669
ACCEPT tcp -- anywhere anywhere tcp dpts:6660:6669
DROP tcp -- anywhere anywhere
DROP udp -- anywhere anywhere

And I tried replacing the ftp and irc definitions with something like this, and it didn't go over too well.
iptables -A INPUT --ctproto tcp -s 0/0 -d 0/0 --destination-port 20 --syn -j ACCEPT

Has anyone else had any experience with this that could help?
 
Old 11-28-2003, 06:57 PM   #2
newpenguin
Member
 
Registered: Sep 2002
Location: lahore pakistan
Distribution: slackware,redhat, FreeBSD,openbsd
Posts: 219

Rep: Reputation: 30
I think your question is about internet connection sharing.
Google about IP masquerade.
 
Old 12-02-2003, 11:11 AM   #3
f1uke
Member
 
Registered: Jan 2003
Location: norfolk, VA
Distribution: suse 8.2, redhat 8.0
Posts: 60

Original Poster
Rep: Reputation: 15
No, I am not sharing a connection, it's straight through, no NAT.
 
  


All times are GMT -5.