[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]
Re: IPchains question

From: "Paul B. Brown" <pbrown btechnet com>
To: redhat-install-list redhat com
Subject: Re: IPchains question
Date: Sun, 4 Jul 1999 17:44:11 -0400 (EDT)
Hummm . . . don't know the answer to that one.  Sorry.  Anyone else played
with this before?

---------------------------------------------------------------------------
Paul B. Brown                          pbrown btechnet com
President
Brown Technologies Network, Inc.       http://www.btechnet.com/

Unix Systems Administration            "Sailing is a state of mind . . . ."
---------------------------------------------------------------------------

On Sun, 4 Jul 1999, Brian Hand wrote:

> Okay but what is the IPchains command to do that or do I need to use the
> port redir?
> 
> 
> Brian
> 
> On Sun, 4 Jul 1999, Paul B. Brown wrote:
> 
> > 
> > If passive mode works that the problem indeed lays with port 20.  Just for
> > a few minutes, open port 20 for inbound traffic.  If this does not work,
> > look into port forwarding:
> > 
> > http://www.ox.compsoc.org.uk/~steve/portforwarding.html
> > 
> > Paul
> > 
> > ---------------------------------------------------------------------------
> > Paul B. Brown                          pbrown btechnet com
> > President
> > Brown Technologies Network, Inc.       http://www.btechnet.com/
> > 
> > Unix Systems Administration            "Sailing is a state of mind . . . ."
> > ---------------------------------------------------------------------------
> > 
> > On Sun, 4 Jul 1999, Brian Hand wrote:
> > 
> > > Just as a quick clairifcation, passive mode works, i.e netscape.  it is
> > > command line ftp that gets screwed up.
> > > 
> > > Brian
> > > 
> > > 
> > > On Sun, 4 Jul 1999, Paul B. Brown wrote:
> > > 
> > > > 
> > > > Hummm . . . .
> > > > 
> > > > Port 20 = data connection
> > > > Port 21 = control connection (data connection as well in passive mode)
> > > > 
> > > > If the data connection to port 20 is not being allowed then you have a
> > > > problem Houston.  My idea here is that the data connection is initiated
> > > > from the remote site, maybe?  If so, you're not allowing the connection.
> > > > Anyone else have any thoughts on this?
> > > > 
> > > > Paul
> > > > 
> > > > ---------------------------------------------------------------------------
> > > > Paul B. Brown                          pbrown btechnet com
> > > > President
> > > > Brown Technologies Network, Inc.       http://www.btechnet.com/
> > > > 
> > > > Unix Systems Administration            "Sailing is a state of mind . . . ."
> > > > ---------------------------------------------------------------------------
> > > > 
> > > > On Sun, 4 Jul 1999, Brian Hand wrote:
> > > > 
> > > > > Hello, I am using the following two ipchains commands to setup ip
> > > > > masquade on a 10.*.*.* network
> > > > > 
> > > > > /sbin/ipchains -P forward DENY
> > > > > /sbin/ipchains -A forward -s 10.0.0.0/255.0.0.0 -j MASQ
> > > > > 
> > > > > every thing works fine except for active ftp sessions,  can anyone offer
> > > > > the command you use to allow active ftp connections back in.  I realize
> > > > > that passive does work, however I have many winblows and macincraps on the
> > > > > private network and they are the ones I need to get working.
> > > > > 
> > > > > Thanks
> > > > > Brian
> > > > > 
> > > > > 
> > > > > 
> > > > > 
> > > > > -- 
> > > > >   PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> > > > > 		http://www.redhat.com http://archive.redhat.com
> > > > >          To unsubscribe: mail redhat-install-list-request redhat com with 
> > > > >                        "unsubscribe" as the Subject.
> > > > > 
> > > > 
> > > > 
> > > > -- 
> > > >   PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> > > > 		http://www.redhat.com http://archive.redhat.com
> > > >          To unsubscribe: mail redhat-install-list-request redhat com with 
> > > >                        "unsubscribe" as the Subject.
> > > > 
> > > 
> > > 
> > > -- 
> > >   PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> > > 		http://www.redhat.com http://archive.redhat.com
> > >          To unsubscribe: mail redhat-install-list-request redhat com with 
> > >                        "unsubscribe" as the Subject.
> > > 
> > 
> > 
> > -- 
> >   PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> > 		http://www.redhat.com http://archive.redhat.com
> >          To unsubscribe: mail redhat-install-list-request redhat com with 
> >                        "unsubscribe" as the Subject.
> > 
> 
> 
> -- 
>   PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> 		http://www.redhat.com http://archive.redhat.com
>          To unsubscribe: mail redhat-install-list-request redhat com with 
>                        "unsubscribe" as the Subject.
>
References:
- Re: IPchains question
  - From: Brian Hand
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]