[H-GEN] ftp and ipchains
Nikolai Lusan
nikolai at humbug.org.au
Tue Dec 14 00:38:06 EST 1999
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Please observe the list's charter. ]
Hi all,
I recently noticed a small problem with a machine I administer,
after I set up my packet filtering - allowing connections to the port
the ftp server is running on and high port TCP connects from ftp and
ftp-data ports - I found that a large part of the time connections and
directory listings take a while to come through. The delay is lengthy
and is causing me some concern. I was wondering if anyone had ideas on
what could be causing it, I am running ftp on a non-standard port at the
behest of the machines owner. Below are the rules regaurding ftp
connections..
ipchains -A ethin -p TCP -d $eth0 76 -j ACCEPT
ipchains -A ethin -p TCP -s 0.0.0.0/0 ftp-data -d $eth0 1024:5999 -j
ACCEPT
ipchains -A ethin -p TCP -s 0.0.0.0/0 ftp-data -d $eth0 6010: -j ACCEPT
ipchains -A ethin -p TCP -s 0.0.0.0/0 ftp -d $eth0 1024:5999 -j ACCEPT
ipchains -A ethin -p TCP -s 0.0.0.0/0 ftp -d $eth0 6010: -j ACCEPT
Nikolai
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.
More information about the General
mailing list