10 More Discussions You Might Find Interesting
1. IP Networking
I have a pretty stock iptables script. One rule allows active ftp from an outside IP address. To troubleshoot it, I opened up ftp to all connections from the outside.
When a user outside our domain connects via FTP, they are denied. If I flush the rules, the ftp takes place successfully. This... (2 Replies)
Discussion started by: bricoleur
2 Replies
2. IP Networking
I am using vsftp but I can't login with passive mode. I can only login with active mode. I can login with both mode when service of iptables is stop.
In active mode : 20,21 must be open from server site. 1023 and over must be open at client site.
In passive mode : only 21,1023 and over must be... (1 Reply)
Discussion started by: getrue
1 Replies
3. HP-UX
Hello All,
I am trying to connect to ftp server and get the files. Also i need to rename the file in other ftp dir.
rename method is not allowing me to rename the file in other dir. When i tried copy command by using net::FTP:FILE then perl says it is not installed.
Can some body help me to... (2 Replies)
Discussion started by: krsnadasa
2 Replies
4. Red Hat
Hi,
Following is the output of iptables -S command
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -s 192.168.0.5/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.0.5/32 -p udp -m udp --dport 22 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -p udp -m udp --dport 20 -j... (3 Replies)
Discussion started by: shahdharmit
3 Replies
5. Shell Programming and Scripting
Hi everybody. I have the next scenary:
eth0: WAN
eth1: DMZ
eth2: LAN
I need to block all incoming trafic from the internet through my network LAN using iptables. I have squid but i need to do this using ipatbles.
I have been listening about iptables -A FORDAWARD but I am stuck right... (0 Replies)
Discussion started by: edeamat
0 Replies
6. Shell Programming and Scripting
Hi all,
I'm using the following script to automated ftp files to 1 ftp servers
host=192.168.0.1
/usr/bin/ftp -vi >> $bkplog 2>&1 <<ftp
open $host
bin
cd ${directory}
put $files
quit
ftp
and the .netrc file contain
machine 192.168.0.1
login abc... (4 Replies)
Discussion started by: varu0612
4 Replies
7. UNIX for Advanced & Expert Users
Hi,
We have some clients who will place huge files in to one of the remote server.
And the shell script written in our local server to retrieve client files (using FTP) placed on one of the remote server of ours by clients.
My question Is there any FTP command/script to check from my local... (1 Reply)
Discussion started by: nmsrao
1 Replies
8. IP Networking
Greetings to all.
My new firewall is giving me one hell of a problem.
I'm running iptables and masquerading my intranet
thru NAT. But here is the problem. Whenever I try
to FTP to a server outside of my lan I get a 500
illegal port error.
I've come to the conclusion that NAT is... (2 Replies)
Discussion started by: phrater
2 Replies
9. Cybersecurity
I have 2 LAN's, seperated by a firewall, running iptables on it.
I want only allow ftp access from one to the other LAN.
Server 1 in LAN 1 should have ftp access to Server 2 in LAN 2
Server 2 in LAN 2 should not have ftp access to Server 1 in LAN 1.
Can someone tell me how to set up the... (5 Replies)
Discussion started by: sTorm
5 Replies
10. UNIX for Dummies Questions & Answers
I have allready opened a thread about this, but my question was really weird formed, so I'm writting it here again:
I have a Network with 4 FTP Servers, then a firewall, and then a Network with clients. The clients should have access to the FTP Servers, but it should not be possible to connect... (2 Replies)
Discussion started by: sTorm
2 Replies
ftpd_selinux(8) ftpd SELinux policy documentation ftpd_selinux(8)
NAME
ftpd_selinux - Security-Enhanced Linux policy for ftp daemons.
DESCRIPTION
Security-Enhanced Linux provides security for ftp daemons via flexible mandatory access control.
FILE_CONTEXTS
SELinux requires files to have a file type. File types may be specified with semanage and are restored with restorecon. Policy governs the
access that daemons have to files.
Allow ftp servers to read the /var/ftp directory by adding the public_content_t file type to the directory and by restoring the file type.
semanage fcontext -a -t public_content_t "/var/ftp(/.*)?"
restorecon -F -R -v /var/ftp
Allow ftp servers to read and write /var/tmp/incoming by adding the public_content_rw_t type to the directory and by restoring the file
type. This also requires the allow_ftpd_anon_write boolean to be set.
semanage fcontext -a -t public_content_rw_t "/var/ftp/incoming(/.*)?"
restorecon -F -R -v /var/ftp/incoming
BOOLEANS
SELinux policy is based on least privilege required and may also be customizable by setting a boolean with setsebool.
Allow ftp servers to read and write files with the public_content_rw_t file type.
setsebool -P allow_ftpd_anon_write on
Allow ftp servers to read or write files in the user home directories.
setsebool -P ftp_home_dir on
Allow ftp servers to read or write all files on the system.
setsebool -P allow_ftpd_full_access on
Allow ftp servers to use cifs for public file transfer services.
setsebool -P allow_ftpd_use_cifs on
Allow ftp servers to use nfs for public file transfer services.
setsebool -P allow_ftpd_use_nfs on
system-config-selinux is a GUI tool available to customize SELinux policy settings.
AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
SEE ALSO
selinux(8), ftpd(8), setsebool(8), semanage(8), restorecon(8)
dwalsh@redhat.com 17 Jan 2005 ftpd_selinux(8)
