Iptables, FTP and firewall

der.hans plug-discuss@lists.plug.phoenix.az.us
Wed, 10 Jul 2002 18:36:38 -0700 (MST)


On 10 Jul 2002, Howard Shaw chattered thus:

> I'm setting up a port filtering firewall for an ftp server.  I'm using
> iptables.  What ports besides 21 do I need to allow connections to for
> this to work?

Port 21 and associated ports.

Load the ip_conntrack_ftp module.

It looks like

  iptables -I STATE -m state --state ESTABLISHED,RELATED -j ACCEPT

might also be necessary.

I'm snarfing that out of a script written by FireStarter.

The real question, though, is: do you really need ftp? Use http for anon
downloading and ssh/scp/sftp for authorized uploading/downloading if you
can.

ciao,

der.hans
-- 
#  https://www.LuftHans.com/
# "Communications without intelligence is noise;
# Intelligence without communications is irrelevant."
# Gen. Alfred M. Gray, USMC
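
The approach from the reply above (port 21, the FTP conntrack helper, ESTABLISHED,RELATED) as a dry-run ruleset. This is an added example, not part of the original post or the FireStarter script. It assumes the built-in INPUT chain rather than FireStarter's STATE chain, and `run`, `ftp_firewall`, `audit_rules` and `DRY_RUN` are hypothetical names.

```shell
#!/bin/sh
# Added example (not from the original post). With DRY_RUN=1 (the default)
# the commands are printed instead of executed.
DRY_RUN="${DRY_RUN:-1}"

run() {
    if [ "$DRY_RUN" = "1" ]; then echo "$*"; else "$@"; fi
}

ftp_firewall() {
    # The helper parses PORT/PASV on the control channel and registers the
    # negotiated data connection as "expected", so it matches RELATED.
    # Newer kernels name the module nf_conntrack_ftp and, with automatic
    # helper assignment off by default, also need an explicit rule:
    #   iptables -t raw -A PREROUTING -p tcp --dport 21 -j CT --helper ftp
    run modprobe ip_conntrack_ftp
    run iptables -A INPUT -i lo -j ACCEPT
    # Control-channel replies (ESTABLISHED) and helper-tracked data (RELATED).
    run iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # New connections are accepted on the FTP control port only.
    run iptables -A INPUT -p tcp --dport 21 -m state --state NEW -j ACCEPT
    # Policy goes last so a partial run does not cut off existing sessions.
    # Add a rule for your own management access (e.g. ssh) before applying.
    run iptables -P INPUT DROP
}

# Reads a list of commands on stdin and flags the usual mistakes: no helper,
# no RELATED rule, or a static high-port range opened for data connections.
audit_rules() {
    rules="$(cat)"
    rc=0
    echo "$rules" | grep -q 'conntrack_ftp' ||
        { echo "missing: FTP conntrack helper module"; rc=1; }
    echo "$rules" | grep -q 'RELATED' ||
        { echo "missing: RELATED accept rule"; rc=1; }
    if echo "$rules" | grep -Eq -- '--dport [0-9]+:[0-9]+'; then
        echo "weak: static port range opened for data connections"; rc=1
    fi
    return $rc
}

ftp_firewall
```

Run `ftp_firewall | audit_rules` in dry-run mode to check the generated list, and set `DRY_RUN=0` as root to apply it.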