TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ipchains and RH 6.0



Well, I thought I should make the move to ipchains, since I am now running RH
6.0. But I have run into a snag.

With ipchains I am unable to figure how to do ftp.

I am not masqurading, just blocking. My workstation has a valid IP address, I
am just working on the input chain.

After I make an outgoing ftp connection, the ftp server is going to respond
back to me with the ftp-data part, but when I hit my favorite ftp sites,
ipchains is reporting:

May 29 05:04:41 mordent kernel: Packet log: lockdown DENY eth0 PROTO=6
206.10.252.12:4697 206.145.104.172:3248 L=44 S=0x00 I=61415 F=0x0000 T=61

This is me typing dir after I have sucessfully logged into the ftp server. It
looks like the server is sending back the ftp-data connection on some
random(?) port.

How do I assocate this connection with my inital ftp request?


-- 
Bob Tanner <tanner@real-time.com>       | Phone : (612)943-8700
http://www.real-time.com                | Fax   : (612)943-8500
Key fingerprint =  6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9