vsftp | active and passive ftp | iptables


 
# 1  
Old 12-04-2011

I am using vsftp but I can't log in with passive mode. I can only log in with active mode. I can log in with both modes when the iptables service is stopped.

In active mode: 20, 21 must be open on the server side. 1023 and over must be open on the client side.
In passive mode: only 21, 1023 and over must be open on the server side.

Which rule must I add to the iptables list for passive FTP mode?

Code:
# cat /etc/sysconfig/iptables
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
#
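
Why the posted ruleset breaks passive mode, as an added example that is not part of the original post: a minimal first-match walk over the chain shows the client's data connection to a high server port arriving as NEW and falling through to REJECT, while the same packet is accepted once conntrack classifies it as RELATED or a narrow passive range is opened. The `eth0` interface, the 50000:50100 range and the assumption that no FTP conntrack helper is loaded are illustrative, not taken from the post.

```python
# Added example: first-match walk over the TCP-relevant rules copied from the post.
# Parsing assumes plain "option value" pairs (no "!" negation), true for these rules.
POSTED = """\
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
"""
# Constructed rule: a fixed passive range, assumed to match pasv_min_port and
# pasv_max_port in vsftpd.conf. 50000:50100 is an example value, not from the post.
PASV_RULE = ("-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp "
             "--dport 50000:50100 -j ACCEPT")

def parse(text):
    """Turn each rule line into a dict of option -> value."""
    return [dict(zip(t[0::2], t[1::2])) for t in map(str.split, text.strip().splitlines())]

def verdict(rules, pkt):
    """Target of the first rule that matches pkt (iptables is first-match-wins)."""
    for r in rules:
        if "-i" in r and r["-i"] != pkt["iface"]:
            continue
        if "-p" in r and r["-p"] != pkt["proto"]:
            continue
        if "--state" in r and pkt["state"] not in r["--state"].split(","):
            continue
        if "--dport" in r:
            lo, _, hi = r["--dport"].partition(":")
            if not int(lo) <= pkt["dport"] <= int(hi or lo):
                continue
        return r["-j"]
    return "RETURN"  # fell off the end of the user-defined chain

def with_pasv_range(text):
    """Insert the constructed range rule just before the final REJECT."""
    lines = text.strip().splitlines()
    return "\n".join(lines[:-1] + [PASV_RULE, lines[-1]])

def packet(dport, state):
    """Inbound TCP packet on the assumed external interface eth0."""
    return {"iface": "eth0", "proto": "tcp", "dport": dport, "state": state}

if __name__ == "__main__":
    posted, fixed = parse(POSTED), parse(with_pasv_range(POSTED))
    print("control 21, NEW, posted rules    ->", verdict(posted, packet(21, "NEW")))
    print("data 50050, NEW, posted rules    ->", verdict(posted, packet(50050, "NEW")))
    print("data 50050, RELATED (helper)     ->", verdict(posted, packet(50050, "RELATED")))
    print("data 50050, NEW, with range rule ->", verdict(fixed, packet(50050, "NEW")))
```

On a real host the RELATED path corresponds to loading the FTP connection-tracking helper (`ip_conntrack_ftp`, `nf_conntrack_ftp` on newer kernels), and the range path requires vsftpd to be pinned to the same ports with `pasv_min_port` and `pasv_max_port`. Either keeps the exposure far smaller than opening every port above 1023.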

# 2  
Old 12-04-2011