Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

pure-ftp though stateless firewall

Discussion in 'General Discussion' started by xlocust, Nov 10, 2007.

  1. xlocust

    xlocust Registered

    Joined:
    Nov 7, 2007
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    51
    Hello,

    I am having a bit of an issue trying to get ftp traffic pass though a stateless firewall built with iptables (the kernel of the server does not seem to have the modules needed for stateful connections). I have tried to make the firewall rules as general as possible:

    iptables -A INPUT -p tcp --sport 20 --dport 21 -j ACCEPT
    iptables -A INPUT -p tcp --sport 20 --dport 1024:65535 -j ACCEPT
    iptables -A INPUT -p tcp --sport 21 --dport 1024:65535 -j ACCEPT
    iptables -A INPUT -p tcp --sport 1024:65535 --dport 1024:65535 -j ACCEPT

    but no luck. I also tried editing /etc/pure-ftpd.conf and uncommenting the PassivePorts range
    but again no luck.

    All the iptables examples i have found online show statefull rules but no statefull rules. There has got to be a way to filter ftp traffic without having to have a statefull firewall.

    Anyway, does anyone know of a stateless ruleset for iptables that allows FTP connections though a stateless firewall.

    Your help would be greatly appreciated,
    mike
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice