
Thread: Secure settings (firewall, iptables and vsftpd)

  1. #1

    Secure settings (firewall, iptables and vsftpd)

    Hi!

    My setup:
    - Oleg firmware
    - Vsftpd from ipkg package.

    Problem
    I have no access to vsftpd from outside if the firewall in WebAdmin is enabled. So the only way to have access is to disable the firewall?
    OK, let's say I will disable it. I'd like to use iptables instead. But what rules should I put in post-firewall to still be protected?

    Is it enough?

    iptables -P FORWARD DROP
    iptables -P INPUT DROP
    iptables -A INPUT --protocol tcp --destination-port 20:21 -j ACCEPT

    1. All I want is to be protected as much as possible
    2. Have access to ftp from outside.


    By the way, I made a small test (PC Flank website) with the firewall (in WebAdmin) enabled/disabled.

    With enabled:
    - all ports are reported as stealthed

    With firewall disabled + iptables rules shown above:
    - some ports are reported as closed
    - some (80, 21, 23, 139) are open (I don't have a www server! Why is port 80 open? hmm...)

  2. #2
    Hi,

    I am also interested in iptables, and especially in traffic shaping and traffic control
    http://tcng.sourceforge.net/
    http://www.trekweb.com/~jasonb/artic...scenarios.html
    http://www.topwebhosts.org/tools/traffic-control.php
    http://www.novell.com/communities/no...lth-monitoring

    http://www.unix.com/shell-programmin...ll-script.html

    I copied and pasted an iptables/firewall script from another thread.

    Still looking for a shell script solution to control Wifi traffic - tc (too complicated) wshaper (too complicated) ..
    any other basic solution ?


    Darius

    Quote, originally posted by absolon:
    Hi!

    My setup:
    - Oleg firmware
    - Vsftpd from ipkg package.

    Problem
    I have no access to vsftpd from outside if the firewall in WebAdmin is enabled. So the only way to have access is to disable the firewall?
    OK, let's say I will disable it. I'd like to use iptables instead. But what rules should I put in post-firewall to still be protected?

    Is it enough?

    1. All I want is to be protected as much as possible
    2. Have access to ftp from outside.


    By the way, I made a small test (PC Flank website) with the firewall (in WebAdmin) enabled/disabled.

    With enabled:
    - all ports are reported as stealthed

    With firewall disabled + iptables rules shown above:
    - some ports are reported as closed
    - some (80, 21, 23, 139) are open (I don't have a www server! Why is port 80 open? hmm...)
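
An added example, not part of either post: it treats the three rules from post #1 as text, audits them for the gaps a default-DROP INPUT chain commonly has, and prints a stricter INPUT rule set that still admits FTP. The interface names vlan1 and br0, the passive range 50000:50019 and the availability of the state match on this firmware are assumptions; the range has to match pasv_min_port and pasv_max_port in vsftpd.conf.

```sh
#!/bin/sh
# Added example, not from the thread. Rules are handled as text only, so
# nothing here calls iptables or needs root.

# The three rules from post #1, verbatim.
posted_rules() {
    cat <<'EOF'
iptables -P FORWARD DROP
iptables -P INPUT DROP
iptables -A INPUT --protocol tcp --destination-port 20:21 -j ACCEPT
EOF
}

# Stricter INPUT rules. All three arguments are assumptions to adapt:
# $1 WAN interface, $2 LAN interface, $3 passive port range (it must match
# pasv_min_port/pasv_max_port in vsftpd.conf).
hardened_rules() {
    cat <<EOF
iptables -F INPUT
iptables -P INPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i $2 -j ACCEPT
iptables -A INPUT -i $1 -p tcp --dport 21 -m state --state NEW -j ACCEPT
iptables -A INPUT -i $1 -p tcp --dport $3 -m state --state NEW -j ACCEPT
EOF
}

# Read rules on stdin, print one line per gap, return the number of gaps.
audit_rules() {
    rules=$(cat); gaps=0
    check() {  # $1 = regex that must match a rule, $2 = message if none does
        printf '%s\n' "$rules" | grep -Eq -- "$1" && return 0
        echo "GAP: $2"; gaps=$((gaps + 1))
    }
    check '^iptables -P INPUT DROP' 'INPUT policy is not DROP'
    check '^iptables -F INPUT' 'no flush: rules already in INPUT match before appended ones'
    check '-i lo .*-j ACCEPT' 'loopback traffic is dropped'
    check 'ESTABLISHED.*-j ACCEPT' 'replies to connections the router opens are dropped'
    check 'port [0-9]{4,5}:[0-9]{4,5}' 'no passive-mode FTP data port range'
    return "$gaps"
}

echo "== rules from post #1 =="
posted_rules | audit_rules || true
echo "== stricter rules (vlan1, br0, 50000:50019 are assumed values) =="
hardened_rules vlan1 br0 50000:50019
hardened_rules vlan1 br0 50000:50019 | audit_rules && echo "no gaps found"
```

The script only prints rules; it does not apply them, and it leaves FORWARD and the NAT table as the firmware set them.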
