[NTLUG:Discuss] PASV

Dan Carlson dcarlson at dnaent.com
Tue Jan 4 09:34:09 CST 2000


You need to allow incoming connections from the ftp-data port to ports above
1024 on your machine:

-A input -p TCP -s ! 192.168.0.0/16 ftp-data -d 0/0 1024: -j ACCEPT -l

This can be a security hole, as ftp-data is a common port for network port
scanners to use as a source port.  You might want to restrict which incoming
source addresses are allowed.

Dan Carlson

----- Original Message -----
From: James Corona <jcorona at bigtex.ci.dallas.tx.us>
To: <discuss at ntlug.org>
Sent: Tuesday, January 04, 2000 9:13 AM
Subject: [NTLUG:Discuss] PASV


> I am using RH 5.2 as a firewall to connect my local PCs to the internet.
> In order to FTP anything I have to use PASV mode; this puts a crimp in many
> browser connections to ftp sites and does not allow me to support and update
> the web sites I maintain with the FrontPage management tools.  Is there a
> way to reconfigure the firewall to allow regular connections?
>
>
> James
>
>
>
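
An added example, not part of the original message: the rule above ends in -l, so every packet it accepts is logged, and those logs can be checked for the port-scanner pattern Dan mentions. The sketch below assumes the kernel "Packet log:" line layout written by ipchains; the sample lines, addresses, function names and the threshold of 3 are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines (documentation address ranges), laid out like the
# kernel "Packet log:" entries that an ipchains rule with -l produces.
SAMPLE_LOG = """\
Packet log: input ACCEPT eth0 PROTO=6 198.51.100.7:20 203.0.113.10:1044 L=60 S=0x00 I=411 F=0x4000 T=52
Packet log: input ACCEPT eth0 PROTO=6 198.51.100.7:20 203.0.113.10:1044 L=1500 S=0x00 I=412 F=0x4000 T=52
Packet log: input ACCEPT eth0 PROTO=6 198.51.100.7:20 203.0.113.10:1045 L=60 S=0x00 I=430 F=0x4000 T=52
Packet log: input ACCEPT eth0 PROTO=6 192.0.2.66:20 203.0.113.10:1080 L=44 S=0x00 I=9001 F=0x0000 T=241
Packet log: input ACCEPT eth0 PROTO=6 192.0.2.66:20 203.0.113.10:2049 L=44 S=0x00 I=9002 F=0x0000 T=241
Packet log: input ACCEPT eth0 PROTO=6 192.0.2.66:20 203.0.113.10:3128 L=44 S=0x00 I=9003 F=0x0000 T=241
Packet log: input ACCEPT eth0 PROTO=6 192.0.2.66:20 203.0.113.10:6000 L=44 S=0x00 I=9004 F=0x0000 T=241
Packet log: input ACCEPT eth0 PROTO=6 192.0.2.66:20 203.0.113.11:8080 L=44 S=0x00 I=9005 F=0x0000 T=241
"""

LINE_RE = re.compile(
    r"Packet log: input ACCEPT \S+ PROTO=6 "
    r"(?P<src>\d+\.\d+\.\d+\.\d+):(?P<sport>\d+) "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+):(?P<dport>\d+) "
)

def ftp_data_fanout(log_text):
    """Map each remote source to the set of (dst, dport) it reached from port 20."""
    targets = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        # Same match as the rule: TCP, source port ftp-data (20), dest port 1024 and up.
        if m and m["sport"] == "20" and int(m["dport"]) >= 1024:
            targets[m["src"]].add((m["dst"], int(m["dport"])))
    return targets

def suspected_scanners(log_text, max_targets=3):
    """Sources whose port-20 traffic touched more distinct endpoints than
    max_targets (an assumed threshold; a real transfer reuses few endpoints)."""
    fanout = ftp_data_fanout(log_text)
    return sorted(src for src, seen in fanout.items() if len(seen) > max_targets)

if __name__ == "__main__":
    fanout = ftp_data_fanout(SAMPLE_LOG)
    for src in suspected_scanners(SAMPLE_LOG):
        print(src, "reached", len(fanout[src]), "endpoints from source port 20")
```

Sources it reports are candidates for exclusion when restricting which incoming source addresses the rule allows.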





