[ale] sunday morning ipchains

Bao C. Ha bao at hacom.net
Sun Aug 4 13:54:59 EDT 2002 

On Sun, Aug 04, 2002 at 01:45:24PM -0400, Jonathan Glass wrote:

Hi Jason,

See if you can do FTP in passive mode.  You may need to load
ip_masq_ftp.

Bao

> 
> -----Original Message-----
> From: jason vinson [mailto:jvinson at snapserver.com] 
> Sent: Sunday, August 04, 2002 12:16 PM
> To: ale at ale.org
> Subject: [ale] sunday morning ipchains
> 
> 
> Hi guys,
> 
> I am having a bit of trouble with ipchains.  I created a coyote linux
> floppy and it runs nicely.  My home network has an ftp server on it that
> i would like to have accesable from the outside world, but i can't seem
> to get ipchains to work properly.  here's my rule set (keep in mind i am
> fairly new at this):
> 
> /sbin/ipchains -P forward DENY
> 
> /sbin/ipchains -A forward -j MASQ -s $LOCAL_NETWORK/$LOCAL_NETMASK -d
> 0.0.0.0/0
> 
> /sbin/ipchains -A forward -j MASQ -s 0.0.0.0/0 20:21 -p tcp -d
> 192.168.0.10 /sbin/ipchains -A forward -j MASQ -s 0.0.0.0/0 20:21 -p udp
> -d 192.168.0.10
> 
> and here's what i see from "ipchains -L":
> 
> Chain input (policy ACCEPT):
> Chain forward (policy DENY):
> target prot opt     source          destination   ports
> MASQ   all  ------  192.168.0.0/24  anywhere      n/a
> MASQ   tcp  ------  anywhere        192.168.0.10  ftp-data:ftp ->   any
> MASQ   udp  ------  anywhere        192.168.0.10  20:fsp ->   any
> Chain output (policy ACCEPT):
> 
> any ideas on what i should do?
> 
> and please be gentle  :)
> 
> thanks in advance.
> Jason
> 
> 
> ---
> This message has been sent through the ALE general discussion list. See
> http://www.ale.org/mailing-lists.shtml for more info. Problems should be
> 
> sent to listmaster at ale dot org.
> 
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> sent to listmaster at ale dot org.

-- 
Bao C. Ha                    voice: (310) 675-3510
8D66 6672 7A9B 6879 85CD  42E0 9F6C 7908 ED95 6B38
Primary Perpetrator of "Slackware Linux Unleashed"

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list