greengreen
01-05-2008, 19:57
HI,
on my asus is runing VSFTPD with pasiv mode but i don't know what should I write to iptables?
with this doesn't works
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-VSFTPD tcp -- anywhere anywhere tcp dpt:ftp
fail2ban-DROPBEAR tcp -- anywhere anywhere tcp dpt:ssh
MACS all -- anywhere anywhere
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state NEW
ACCEPT all -- anywhere anywhere state NEW
ACCEPT tcp -- anywhere krakonosovo tcp dpt:www
ACCEPT tcp -- anywhere krakonosovo tcp dpt:81
REJECT tcp -- anywhere anywhere tcp dpt:auth reject-with icmp-port-unreachable
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:www
DROP tcp -- anywhere anywhere tcp dpt:!ssh
on my asus is runing VSFTPD with pasiv mode but i don't know what should I write to iptables?
with this doesn't works
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-VSFTPD tcp -- anywhere anywhere tcp dpt:ftp
fail2ban-DROPBEAR tcp -- anywhere anywhere tcp dpt:ssh
MACS all -- anywhere anywhere
DROP all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state NEW
ACCEPT all -- anywhere anywhere state NEW
ACCEPT tcp -- anywhere krakonosovo tcp dpt:www
ACCEPT tcp -- anywhere krakonosovo tcp dpt:81
REJECT tcp -- anywhere anywhere tcp dpt:auth reject-with icmp-port-unreachable
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT tcp -- anywhere anywhere tcp dpt:www
DROP tcp -- anywhere anywhere tcp dpt:!ssh