03-18-2002
Just a guess, but this should work (iptables experts can correct me)
Assume:
server1 IP is 192.168.0.1
server2 IP is 192.168.100.1
# Allow ftp to server 2 from 1
iptables -A INPUT -s 192.168.0.1 -d 192.168.100.1 -p tcp -m tcp --dport 21 -j ACCEPT
# Deny ftp from server 2 to server 1
iptables -A INPUT -s 192.168.100.1 -d 192.168.0.1 -p tcp -m tcp --dport 21 -j DROP
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I have allready opened a thread about this, but my question was really weird formed, so I'm writting it here again:
I have a Network with 4 FTP Servers, then a firewall, and then a Network with clients. The clients should have access to the FTP Servers, but it should not be possible to connect... (2 Replies)
Discussion started by: sTorm
2 Replies
2. Shell Programming and Scripting
I need help on the code below. I am getting a compile error
syntax error at line 283 : `<<' unmatched
Looks like it doesn't like the << on the ftp line below. If I ran the code outside of this block everything work fine, but when I put in a block of code or in a function, I got syntax error. I... (1 Reply)
Discussion started by: leemjesse
1 Replies
3. Solaris
Hi Friends,
I would like to block the root user for doing ftp. As I am aware that I need to put the entry for root in /etc/ftpusers.....am I right...??? But I am not able to edit the file & even more command is not working.
#ls -l ftp*
total 14
-rw-r--r-- 1 root sys 1249 Jun... (3 Replies)
Discussion started by: jumadhiya
3 Replies
4. UNIX for Dummies Questions & Answers
Could anyone provide information on how to block a specific client machine from being able to log onto anonymous ftp? (10 Replies)
Discussion started by: dennisheazle
10 Replies
5. Shell Programming and Scripting
Hi everybody. I have the next scenary:
eth0: WAN
eth1: DMZ
eth2: LAN
I need to block all incoming trafic from the internet through my network LAN using iptables. I have squid but i need to do this using ipatbles.
I have been listening about iptables -A FORDAWARD but I am stuck right... (0 Replies)
Discussion started by: edeamat
0 Replies
6. AIX
Hello everyone
I create a file /etc/ftpusers to block users. I put the names of the users and I refresh the service inetd.
My question is the user still log in by ftp.???? What I miss
Thanks for your opinions.
Greetings (2 Replies)
Discussion started by: lo-lp-kl
2 Replies
7. UNIX for Dummies Questions & Answers
I have set up a firewall on my centOS 5.6 box. I copied it from info I found online related to web servers. Everything seems to work fine but my ftp from my LAN. I am not able to ftp into the directories at all. I have the box set up as a test web server. Here is my iptable:
I have opened ports... (7 Replies)
Discussion started by: ktb231
7 Replies
8. Red Hat
Hi,
Following is the output of iptables -S command
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -s 192.168.0.5/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.0.5/32 -p udp -m udp --dport 22 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -p udp -m udp --dport 20 -j... (3 Replies)
Discussion started by: shahdharmit
3 Replies
9. IP Networking
I am using vsftp but I can't login with passive mode. I can only login with active mode. I can login with both mode when service of iptables is stop.
In active mode : 20,21 must be open from server site. 1023 and over must be open at client site.
In passive mode : only 21,1023 and over must be... (1 Reply)
Discussion started by: getrue
1 Replies
10. IP Networking
I have a pretty stock iptables script. One rule allows active ftp from an outside IP address. To troubleshoot it, I opened up ftp to all connections from the outside.
When a user outside our domain connects via FTP, they are denied. If I flush the rules, the ftp takes place successfully. This... (2 Replies)
Discussion started by: bricoleur
2 Replies
LEARN ABOUT PHP
socket-context-options
SOCKET-CONTEXT-OPTIONS(3) 1 SOCKET-CONTEXT-OPTIONS(3)
Socket context options - Socket context option listing
Socket context options are available for all wrappers that work over sockets, like tcp, http and ftp.
o $bindto
- Used to specify the IP address (either IPv4 or IPv6) and/or the port number that PHP will use to access the network. The syntax
is ip:port for IPv4 addresses, and [ip]:port for IPv6 addresses. Setting the IP or the port to 0 will let the system choose the IP
and/or port.
Note
As FTP creates two socket connections during normal operation, the port number cannot be specified using this option.
o $backlog
- Used to limit the number of outstanding connections in the socket's listen queue.
Note
This is only applicable to stream_socket_server(3).
+--------+-----------------+
|Version | |
| | |
| | Description |
| | |
+--------+-----------------+
| 5.3.3 | |
| | |
| | Added backlog. |
| | |
| 5.1.0 | |
| | |
| | Added bindto. |
| | |
+--------+-----------------+
Example #1
Basic $bindto usage example
<?php
// connect to the internet using the '192.168.0.100' IP
$opts = array(
'socket' => array(
'bindto' => '192.168.0.100:0',
),
);
// connect to the internet using the '192.168.0.100' IP and port '7000'
$opts = array(
'socket' => array(
'bindto' => '192.168.0.100:7000',
),
);
// connect to the internet using the '2001:db8::1' IPv6 address
// and port '7000'
$opts = array(
'socket' => array(
'bindto' => '[2001:db8::1]:7000',
),
);
// connect to the internet using port '7000'
$opts = array(
'socket' => array(
'bindto' => '0:7000',
),
);
// create the context...
$context = stream_context_create($opts);
// ...and use it to fetch the data
echo file_get_contents('http://www.example.com', false, $context);
?>
PHP Documentation Group SOCKET-CONTEXT-OPTIONS(3)