The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

pure-ftp though stateless firewall

Discussion in 'General Discussion' started by xlocust, Nov 10, 2007.

  1. xlocust

    xlocust Registered

    Nov 7, 2007
    Likes Received:
    Trophy Points:

    I am having a bit of an issue trying to get ftp traffic pass though a stateless firewall built with iptables (the kernel of the server does not seem to have the modules needed for stateful connections). I have tried to make the firewall rules as general as possible:

    iptables -A INPUT -p tcp --sport 20 --dport 21 -j ACCEPT
    iptables -A INPUT -p tcp --sport 20 --dport 1024:65535 -j ACCEPT
    iptables -A INPUT -p tcp --sport 21 --dport 1024:65535 -j ACCEPT
    iptables -A INPUT -p tcp --sport 1024:65535 --dport 1024:65535 -j ACCEPT

    but no luck. I also tried editing /etc/pure-ftpd.conf and uncommenting the PassivePorts range
    but again no luck.

    All the iptables examples i have found online show statefull rules but no statefull rules. There has got to be a way to filter ftp traffic without having to have a statefull firewall.

    Anyway, does anyone know of a stateless ruleset for iptables that allows FTP connections though a stateless firewall.

    Your help would be greatly appreciated,

Share This Page