[prev in list] [next in list] [prev in thread] [next in thread]
List: cobalt-users
Subject: Re: [cobalt-users] FTP Problems
From: "Todd W" <twooly () mchsi ! com>
Date: 2003-04-30 1:09:27
[Download RAW message or body]
Anyone have any thoughts on this?
Thanks
--Todd
----- Original Message -----
From: "Todd W"
To: <
Sent: Monday, April 28, 2003 7:46 PM
Subject: [cobalt-users] FTP Problems
> I just recently installed a firewall on my server now I am having troubles
> ftp files off the server to a different location my raqbackup fails now.
> Basicly what happens is this:
>
> [admin logs]$ ftp domain.com
> Connected to home.toddwoolums.com.
> 220 ProFTPD 1.2.5 Server (ProFTPD) [My Backup Server]
> Name (domain.com:admin): user
> 331 Password required for backup.
> Password:
> 230 User user logged in.
> Remote system type is UNIX.
> Using binary mode to transfer files.
> ftp> send output-ftptest.log
> local: output-ftptest.log remote: output-ftptest.log
> 200 PORT command successful.
> 421 No Transfer Timeout (300 seconds): closing control connection.
>
> Just times out.
>
> Here is my firewall rule
> ipchains -A input -i eth0 -p tcp --destination-port 137 --syn -j DENY
> # TCP
> # serve ftp for NON-passive clients_ONLY_
> ipchains -A input -i eth0 -p tcp --destination-port 20:21 --syn -j
ACCEPT -l
> # serve ssh - 2828
> ipchains -A input -i eth0 -p tcp --destination-port 2828 --syn -j
ACCEPT -l
> # serve smtp - 25
> ipchains -A input -i eth0 -p tcp --destination-port 25 --syn -j ACCEPT
> # serve http - 80
> ipchains -A input -i eth0 -p tcp --destination-port 80 --syn -j ACCEPT
> # serve https admin - 81
> ipchains -A input -i eth0 -p tcp --destination-port 81 --syn -j ACCEPT -l
> # serve pop3 - 110
> ipchains -A input -i eth0 -p tcp --destination-port 110 --syn -j ACCEPT
> # disallow SYN on all else
> ipchains -A input -i eth0 -p tcp --syn -j DENY -l
>
> ipchains -A input -i eth0 --source 207.218.223.135 -j DENY
> #allow gateway
> ipchains -A input -i eth0 --source mygateway -j ACCEPT
> # allow existing TCP sessions to continue
> ipchains -A input -i eth0 -p tcp -j ACCEPT
>
>
> # UDP
> # DNS response
> ipchains -A output -p udp --dport 53 -j ACCEPT
> ipchains -A input -p udp --sport 53 -j ACCEPT
>
>
>
> # ICMP allowed
> ipchains -A input -i eth0 -p icmp -j ACCEPT
>
> # serve https admin - 443
> ipchains -A input -i eth0 -p tcp --destination-port 443 --syn -j ACCEPT -l
>
>
> # disallow all else
> ipchains -A input -i eth0 -j DENY -l
>
>
> Any suggesstions so I can get my backups working again.
>
> Thanks
> --Todd
>
>
> _____________________________________
> cobalt-users mailing list
> cobalt-users@list.cobalt.com
> To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
_____________________________________
cobalt-users mailing list
cobalt-users@list.cobalt.com
To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic