On December 20, 2003 07:02 pm, Bob Smith wrote:
> I'm not sure what I'm looking for with the forward rules. The results
> are:
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
> <INPUT_RULE> all -- 0.0.0.0/0 0.0.0.0/0

You're not doing any forwarding from the sounds of it so it won't matter, but the INPUT rules should indicate "policy Drop" or Reject, and "ftp Accept".

> >> Make sure there is a log entry before any other accept rules. Maybe
> >> someone else that reads this and uses the same tool as originally set
> >> these up, can comment on the iptables rules you have listed.
>
> I will put the rules at the top of the accept list, just under the FTP
> rules, and test.

Put a set in before the ftp rules to show that it is getting to the firewall (change the tag a bit for identification), then if it fails the ftp rules it should log an additional entry from the entry after the ftp rules. If only the pre-ftp gets logged, then you know the firewall is allowing ftp through, at least for the initial connection.

--
Pete Nesbitt, rhce
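
The before-and-after logging check described in the reply above, as an added example that is not part of the original message. The chain name `INPUT`, the rule numbers, the `FTP-PRE: ` / `FTP-POST: ` prefixes and the sample log lines are assumptions constructed for illustration; the rule commands are only printed, not executed.

```shell
#!/bin/sh
# Added example: chain name, rule numbers and log prefixes are assumptions.
CHAIN="${CHAIN:-INPUT}"

# Print (do not run) the two LOG rules. $1/$2 = rule numbers of the first and
# last FTP accept rule, as shown by: iptables -L "$CHAIN" -n --line-numbers
print_log_rules() {
    # Later position first, so the second insert does not shift it.
    echo "iptables -I $CHAIN $(($2 + 1)) -p tcp --dport 21 --syn -j LOG --log-prefix 'FTP-POST: '"
    echo "iptables -I $CHAIN $1 -p tcp --dport 21 --syn -j LOG --log-prefix 'FTP-PRE: '"
}

# Read kernel log lines on stdin and report, per SRC:SPT, whether the
# connection attempt was logged only before the FTP rules or also after them.
classify() {
    awk '
    /FTP-(PRE|POST): / {
        src = ""; spt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/) src = substr($i, 5)
            if ($i ~ /^SPT=/) spt = substr($i, 5)
        }
        key = src ":" spt
        if (!(key in seen)) { seen[key] = 1; order[++n] = key }
        if ($0 ~ /FTP-POST: /) post[key] = 1
    }
    END {
        if (n == 0) { print "nothing logged: FTP traffic is not reaching this chain"; exit }
        for (j = 1; j <= n; j++) {
            k = order[j]
            if (post[k]) print k, "fell past the FTP rules"
            else print k, "pre-FTP entry only: accepted by an FTP rule"
        }
    }'
}

# Constructed, abbreviated sample of what the two LOG rules would write.
sample_log() {
    cat <<'EOF'
Dec 20 19:10:01 fw kernel: FTP-PRE: IN=eth0 OUT= SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP SPT=40001 DPT=21 SYN
Dec 20 19:10:07 fw kernel: FTP-PRE: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.1 PROTO=TCP SPT=40002 DPT=21 SYN
Dec 20 19:10:07 fw kernel: FTP-POST: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.1 PROTO=TCP SPT=40002 DPT=21 SYN
EOF
}

sample_log | classify
```
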