Re: Question on Internet access of vsftp server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On December 18, 2003 06:56 am, Bob Smith wrote:
> Craig,
>
> I'll look into this in a little while.  It looks like a viable alternative.
>
> However, I think I may have found the problem.   I was surfing about 1pm
> local, and found an errata listing for vsftpd and RH9.  It seems that
> there were two packaged sets that went out without vsftpd being compiled
> against tcp-wrappers.  There's an RPM available to fix that problem, so
> I'm going to apply that RPM first and see if that solves the problem.
>
> Thanks everyone for your input.
>
> -Bob

That sounds like you've found the cause and solution. If not, (or anyway) you 
should check your logs, and also add a LOG entry to the firewall DENY or 
REJECT line to see whats happening at the firewall.

Depending on your exact rules, add something like this, just blow your FTP 
ACCEPT Rules, and ABOVE the RETURN line  in a user chain, as in:
ftp accept rules...
$IPTABLES -A FTP_CHAIN -p tcp -m state --state NEW -i $EXT_IF \
  --dport $FTP_PORTS -j LOG --log-prefix "NetF FTP Failure: "
... RETURN if in user chain
...then the drop line later in rules


-- 
Pete Nesbitt, rhce


-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux