Aleksandar Milivojevic wrote on Wed, 30 Nov 2005 09:16:34 -0600: > For example, the correct way to > allow active FTP data connection, you would allow packet in only if it is sent > from port 20 (-p tcp --sport 20), *and* it is connection to high port > (preferrably in 49152-65534 range, although some broken FTP servers use entire > 1024-65534 range, but definettely high port) (--dport 49152:65534) *and* > related to existing FTP control channel (-m state --state RELATED) > *and* it was > marked as related by ftp helper module (-m helper --helper ftp). Is that "helper" identical with the ip_conntrack_ftp module or is this something different? Kai -- Kai Sch?tzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com IE-Center: http://ie5.de & http://msie.winware.org
Default CentOS(Redhat) iptables, Secure?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Default CentOS(Redhat) iptables, Secure?
- From: maillists at conactive.com (Kai Schaetzl)
- Date: Wed Nov 30 16:31:31 2005
- In-reply-to: <20051130091634.2g9ehsl3i8gkwg8g@xxxxxxxxxxxxxxxxxxx>
- References: <438D9811.8010804@xxxxxxxxxxxxxxxx> <1133353640.12053.80.camel@xxxxxxxxxxxxxxx> <20051130091634.2g9ehsl3i8gkwg8g@xxxxxxxxxxxxxxxxxxx>
- Follow-Ups:
- Default CentOS(Redhat) iptables, Secure?
- From: Aleksandar Milivojevic
- Default CentOS(Redhat) iptables, Secure?
- References:
- Default CentOS(Redhat) iptables, Secure?
- From: Mark Sargent
- Default CentOS(Redhat) iptables, Secure?
- From: Johnny Hughes
- Default CentOS(Redhat) iptables, Secure?
- From: Aleksandar Milivojevic
- Default CentOS(Redhat) iptables, Secure?
- Prev by Date: clicking backspace in centos3 makes ^?
- Next by Date: CentOS mailserver and spam filter setup ideas &preferences
- Previous by thread: Default CentOS(Redhat) iptables, Secure?
- Next by thread: Default CentOS(Redhat) iptables, Secure?
- Index(es):
 |