[Firehol-support] Blocked FTP access

Costa Tsaousis costa at tsaousis.gr
Tue Dec 11 21:20:53 GMT 2007


Richard Williams wrote:
>
> Hi
>
>  
>
> My firehol configuration allows external access to the FTP server but 
> some people trying to access it are blocked and this is what is in the 
> log (IP address changed to protect the innocent):
>
>  
>
> Dec 10 10:27:52 mail kernel: NEW TCP w/o SYN:IN=eth1 OUT= 
> MAC=00:11:95:65:2a:03:00:a0:c5:42:d7:d9:08:00 SRC=218.202.81.131 
> DST=my_ip_addr LEN=63 TOS=0x00 PREC=0x00 TTL=43 ID=48682 DF PROTO=TCP 
> SPT=37216 DPT=21 WINDOW=730 RES=0x00 ACK PSH URGP=0
>
>  
>
> I can’t work out why this is happening.  Any ideas or suggestions?
>
>  
>
> Regards
>
>  
>
> Richard Williams
>
>  
>
Richard,

Have you updated your RESERVED_IPS to the latest IANA reservations? If 
you haven't, please check the mailing list a few days back, there is a 
discussion about RESERVED_IPS and how to update it.

If RESERVED_IPS is updated, please help me understand:

1. Are these logs related to the blocked parties, or you just found them 
and you guessed that they may have something to do with it?

2. Which version of kernel and iptables you run?

Costa






More information about the Firehol-support mailing list