Re: [TCLUG:7169] ipchains and passive ftp

To: tclug-list@mn-linux.org
Subject: Re: [TCLUG:7169] ipchains and passive ftp
From: "Clayton T. Fandre" <cfandre@minn.net>
Date: Sat, 24 Jul 1999 05:12:52 +0000
References: <19990723210013.A15398@wizard.real-time.com>
Sender: cfandre@pippen.bulls.comp

You should just be able to start the ftp daemon on a higher port and open a
hole up with ipchains.

# ipchains -A <internetinterface> -p TCP -s 0.0.0.0/0 0-d <ftpserver> 1025

Which opens a hole up from anyone to port 1025.

# ftpd -p 1025 -P 1024 -S

Which will start ftp with the control connection port 1025 and the data
connection port 1024. But since you only want to allow passive mode ftp, port
1024 will not be used.

I tried this an it seemed to work just fine, but let me know how it works for
you.

Clay

Bob Tanner wrote:

> How can I open up passive FTP to a box which has ipchains installed on it?
>
> The source can be anywhere and the port can be anything above 1023, the
> destination will be my ftp server, but the port is 1023 or higher.
>
> I'd prefer not to open all of that. Thanks.
>
> --
> Bob Tanner <tanner@real-time.com>       | Phone : (612)943-8700
> http://www.real-time.com                | Fax   : (612)943-8500
> Key fingerprint =  6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> For additional commands, e-mail: tclug-list-help@mn-linux.org

References:
- ipchains and passive ftp
  - From: Bob Tanner <tanner@real-time.com>

Prev by Date: Re: [TCLUG:7171] compiling vs. RPM
Next by Date: Microsoft sees threats over developers
Prev by thread: ipchains and passive ftp
Next by thread: compiling vs. RPM
Index(es):
- Date
- Thread