FTP server a ipf

Ondra Koutek koutek at o-k.cz
Wed Mar 3 15:12:46 CET 2004

Previous message: este raz - imap-uw
Next message: FTP server a ipf
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Zdravim, mam na serveru s ipf ftp server.
Funguje s explorerem, klasickym ftp z prikazove radky, ale cuteftp si ani
neskrtne.
je to pureftp a passive range mam:

# Port range for passive connections replies. - for firewalling.
PassivePortRange          48000 50000

ipf.rules mam:

# Odmitnuti nesmyslnych packetu
block in log quick all with ipopts
block in log quick all with short

# Povoleni vseho pro localhosta
pass in quick on lo0 all
pass out quick on lo0 all

#Pravidla pro odchazejici packety
pass out on xl0 all head 100
block out from 127.0.0.0/8 to any group 100
block out from any to 127.0.0.0/8 group 100
block out from any to 81.0.254.70/32 group 100
pass out quick proto tcp from any to any port = 20 keep state group 100
pass out quick proto tcp from any to any port = 21 keep state group 100
pass out quick proto tcp from any to any port 4800 >< 5000 keep state group
100

#Pravidla pro prichazejici packety
block in on xl0 all head 200
block in from 127.0.0.0/8 to any group 200
block in from 81.0.254.70/32 to any group 200
pass in quick proto tcp from any to any port = 20 group 200
pass in quick proto tcp from any to any port = 21 group 200
pass in quick proto tcp from any to any port 4800 >< 5000 group 200


A kompilovano je to s ipf otevreno pokud neni uvedeno jinak.

Nevite co mam spatne, proc mi nejede to ftp v pasivnim rezimu?

Ondra

Previous message: este raz - imap-uw
Next message: FTP server a ipf
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users-l mailing list