
Re: Active FTP through a masqueraded configuration



You still want to do a modprobe ip_masq_ftp in 5.2 for command line (active)
ftp support; you also do for any other services (e.g. irc).

Also you might add this to your ipfwadm script

ipfwadm -I -a deny -V ip.of.your.firewall -S 192.168.1.0/255.255.255.0
ipfwadm -I -a deny -V ip.of.your.firewall -S ip.of.your.firewall


This will prevent spoofed packets from being accepted.

Danyell
>Dear All
>
>My two NIC box is the firewall of my private LAN. So far I got everything
>working fine but no applications on the private LAN can do active FTP.
>
>I got the word about an ipmasq-ftp.o module required in the kernel.
>
>What's the case with RH 5.2 ?
>
>In any case, here is my ipfwadm script, in case my firewall is set too
>"strongly".
>
>
>/sbin/ipfwadm -I -f # flush existing input rules
>/sbin/ipfwadm -O -f # flush existing output rules
>/sbin/ipfwadm -F -f # flush existing forwarding rules
>/sbin/ipfwadm -I -p accept
>/sbin/ipfwadm -O -p accept
>/sbin/ipfwadm -F -p deny
>/sbin/ipfwadm -F -a m -S 192.168.1.0/255.255.255.0 -D 0.0.0.0/0
>
>
>Thanks a lot,
>Thierry
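
Added example (not part of the original thread): a small Python model of how the two deny rules in the reply are matched against incoming packets. It assumes ip.of.your.firewall is the address of the external interface and that input rules are checked in order with the first match deciding; the addresses 203.0.113.5 and 192.168.1.1 are constructed placeholders.

```python
import ipaddress
from typing import NamedTuple, Optional

# Constructed placeholder addresses (assumptions, not from the thread).
EXTERNAL_IP = "203.0.113.5"   # stands in for ip.of.your.firewall
INTERNAL_IP = "192.168.1.1"   # firewall's address on the private LAN


class Rule(NamedTuple):
    policy: str          # "accept" or "deny"
    via: Optional[str]   # -V: address of the interface the packet arrived on
    source: str          # -S: source address/mask


class Packet(NamedTuple):
    via: str             # address of the receiving interface
    source: str          # source address claimed in the IP header


# Model of: ipfwadm -I -p accept, followed by the two appended deny rules.
INPUT_POLICY = "accept"
INPUT_RULES = [
    Rule("deny", EXTERNAL_IP, "192.168.1.0/255.255.255.0"),
    Rule("deny", EXTERNAL_IP, EXTERNAL_IP + "/255.255.255.255"),
]


def matches(rule: Rule, pkt: Packet) -> bool:
    """A rule matches when both the interface address and the source match."""
    if rule.via is not None and rule.via != pkt.via:
        return False
    network = ipaddress.ip_network(rule.source, strict=False)
    return ipaddress.ip_address(pkt.source) in network


def input_verdict(pkt: Packet, rules=INPUT_RULES, policy=INPUT_POLICY) -> str:
    """Return the policy of the first matching rule, else the chain default."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.policy
    return policy


if __name__ == "__main__":
    samples = [
        Packet(EXTERNAL_IP, "192.168.1.50"),   # LAN source seen on the outside
        Packet(EXTERNAL_IP, EXTERNAL_IP),      # firewall's own address from outside
        Packet(INTERNAL_IP, "192.168.1.50"),   # genuine LAN host
        Packet(EXTERNAL_IP, "198.51.100.7"),   # ordinary outside host
    ]
    for pkt in samples:
        print(pkt, "->", input_verdict(pkt))
```

Because the deny rules are tied to the external interface address with -V, hosts on the private LAN still reach the firewall through the internal interface and are not affected.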
