[Firehol-support] FTP rule problem (bug?)

Goetz Bock bock at blacknet.de
Mon Apr 25 11:22:13 BST 2005


> On Monday 25 April 2005 00:38, Costa Tsaousis wrote:
> > Don't drop ftp. Just don't say anything about it and it will be dropped
> > automatically without any side-effects to your other services.
> 
> The reason to specifically drop it where I do is to prevent random packets 
> from showing up in syslog under the normal "fall off the end" log and drop 
> rules. I know I'm not running ftp, and I don't want to see people probing 
> that port.

use

client all accept
server ftp drop

this will allow the related connections from the clients but drop the
incoming connections to the ftp server.
(I do this with smb all the time ;-))
-- 
/"\ Goetz Bock at blacknet dot de  --  secure mobile Linux everNETting
\ /       (c) 2004 Creative Commons, Attribution-ShareAlike 2.0 de
 X   [ 1. Use descriptive subjects - 2. Edit a reply for brevity -  ]
/ \  [ 3. Reply to the list - 4. Read the archive *before* you post ]



