[prev in list] [next in list] [prev in thread] [next in thread] 

List:       l7-filter-developers
Subject:    Re: [l7-filter-developers] Can not l7-filter-user match
From:       Rôney_Eduardo_-_NTC <linux () portalinfocenter ! com ! br>
Date:       2007-12-28 14:49:00
Message-ID: 00cc01c84960$cb15f100$4b73020a () Infontc
[Download RAW message or body]


> I see, but, how can I do if the ftp server didn't use port 21 for
> command channel?
> For example: tcp/2121, tcp/1234, tcp/13579, tcp/<and so on that we don't 
> know>

 Then you will not be able to match ftp-related connection, unless you
 actually know the  port on which the server is running. If it's not the 
default port (21), you
 can do as the following:

 iptables -t mangle -A PREROUTING -p tcp -m helper --helper ftp-2121 -j 
MARK --set-mark X
 iptables -t mangle -A PREROUTING -p tcp -m helper --helper irc-6669 -j 
MARK --set-mark Y

 Regards.


> l7-filter-developers mailing list
> l7-filter-developers@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/l7-filter-developers


-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
l7-filter-developers mailing list
l7-filter-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/l7-filter-developers
[prev in list] [next in list] [prev in thread] [next in thread]