[Firehol-support] FTP rule problem (bug?)

Costa Tsaousis costa at tsaousis.gr
Mon Apr 25 23:40:51 BST 2005


or...

define something like this:

server_ftpreq_ports="tcp/21"
client_ftpreq_ports="any"

and then:

server ftpreq drop


Regards,

Costa


On Mon, April 25, 2005 13:22, Goetz Bock said:
>
>> On Monday 25 April 2005 00:38, Costa Tsaousis wrote:
>> > Don't drop ftp. Just don't say anything about it and it will be dropped
>> > automatically without any side-effects to your other services.
>>
>> The reason to specifically drop it where I do is to prevent random packets
>> from showing up in syslog under the normal "fall off the end" log and drop
>> rules. I know I'm not running ftp, and I don't want to see people probing
>> that port.
>
> use
>
> client all accept
> server ftp drop
>
> this will allow the related connections from the clients but drop the
> incoming connections to the ftp server.
> (I do this with smb all the time ;-))
> --
> /"\ Goetz Bock at blacknet dot de  --  secure mobile Linux everNETting
> \ /       (c) 2004 Creative Commons, Attribution-ShareAlike 2.0 de
>  X   [ 1. Use descriptive subjects - 2. Edit a reply for brevity -  ]
> / \  [ 3. Reply to the list - 4. Read the archive *before* you post ]




