Re: [TCLUG:6207] ipchains and RH 6.0

To: tclug-list@listserv.real-time.com
Subject: Re: [TCLUG:6207] ipchains and RH 6.0
From: Bob Tanner <tanner@real-time.com>
Date: Sat, 29 May 1999 17:31:53 -0500
In-Reply-To: <000101beaa1c$4a1af740$660210ac@horatio.islandgrp.com>; from d. divine on Sat, May 29, 1999 at 04:43:27PM -0500
Mail-Followup-To: tclug-list@listserv.real-time.com
References: <19990529050635.A11950@wizard.real-time.com> <000101beaa1c$4a1af740$660210ac@horatio.islandgrp.com>

I tried this too, the SYN flags thing does not work either :--)

Quoting d. divine (divine@islandgrp.com):
> $IPCHAINS -A input -i eth1 -p tcp -s 0/0 1025:65535 -d 192.16.x.x/32
> 1025:65535 ! -y -j ACCEPT
> 
> where eth1 is external port and 192.16.x.x is the eth1 ip address
> 
> This will allow any passive ftp, real audio etc. Someone else may have some
> security concerns about this but it should only allow connections initiated
> by your host.
> 
> 
> -----Original Message-----
> From: Bob Tanner [mailto:tanner@real-time.com]
> Sent: Saturday, May 29, 1999 5:07 AM
> To: tclug-list@listserv.real-time.com
> Subject: [TCLUG:6207] ipchains and RH 6.0
> 
> 
> Well, I thought I should make the move to ipchains, since I am now running
> RH
> 6.0. But I have run into a snag.
> 
> With ipchains I am unable to figure how to do ftp.
> 
> I am not masqurading, just blocking. My workstation has a valid IP address,
> I
> am just working on the input chain.
> 
> After I make an outgoing ftp connection, the ftp server is going to respond
> back to me with the ftp-data part, but when I hit my favorite ftp sites,
> ipchains is reporting:
> 
> May 29 05:04:41 mordent kernel: Packet log: lockdown DENY eth0 PROTO=6
> 206.10.252.12:4697 206.145.104.172:3248 L=44 S=0x00 I=61415 F=0x0000 T=61
> 
> This is me typing dir after I have sucessfully logged into the ftp server.
> It
> looks like the server is sending back the ftp-data connection on some
> random(?) port.
> 
> How do I assocate this connection with my inital ftp request?
> 
> 
> --
> Bob Tanner <tanner@real-time.com>       | Phone : (612)943-8700
> http://www.real-time.com                | Fax   : (612)943-8500
> Key fingerprint =  6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@listserv.real-time.com
> For additional commands, e-mail: tclug-list-help@listserv.real-time.com
> Try our website: http://tclug.real-time.com
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@listserv.real-time.com
> For additional commands, e-mail: tclug-list-help@listserv.real-time.com
> Try our website: http://tclug.real-time.com

-- 
Bob Tanner <tanner@real-time.com>       | Phone : (612)943-8700
http://www.real-time.com                | Fax   : (612)943-8500
Key fingerprint =  6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9

Follow-Ups:
- RE: [TCLUG:6207] ipchains and RH 6.0
  - From: "d. divine" <divine@islandgrp.com>

References:
- ipchains and RH 6.0
  - From: Bob Tanner <tanner@real-time.com>
- RE: [TCLUG:6207] ipchains and RH 6.0
  - From: "d. divine" <divine@islandgrp.com>
- RE: [TCLUG:6207] ipchains and RH 6.0
  - From: "d. divine" <divine@islandgrp.com>

Prev by Date: Re: [TCLUG:6207] ipchains and RH 6.0
Next by Date: RE: [TCLUG:6207] ipchains and RH 6.0
Prev by thread: RE: [TCLUG:6207] ipchains and RH 6.0
Next by thread: RE: [TCLUG:6207] ipchains and RH 6.0
Index(es):
- Date
- Thread