[ale] sunday morning ipchains

jason vinson jvinson at snapserver.com
Sun Aug 4 14:15:23 EDT 2002 

the modules loaded by coyote are as follows:

ip_masq_ftp
ip_masq_irc
ip_masq_autofw
ip_masq_portfw
ip_masq_quake
ip_masq_raudio
ip_masq_user
ip_masq_vdolive
ip_masq_cuseeme
ip_masq_pptp
slhc
ppp
tulip

so i have them all loaded, but i still get "connection denied".

i can't do anything other than ping the box from the outside  :(

any other ideas?
Jason

On Sun, 2002-08-04 at 13:54, Bao C. Ha wrote:
> On Sun, Aug 04, 2002 at 01:45:24PM -0400, Jonathan Glass wrote:
> 
> Hi Jason,
> 
> See if you can do FTP in passive mode.  You may need to load
> ip_masq_ftp.
> 
> Bao
> 
> > 
> > -----Original Message-----
> > From: jason vinson [mailto:jvinson at snapserver.com] 
> > Sent: Sunday, August 04, 2002 12:16 PM
> > To: ale at ale.org
> > Subject: [ale] sunday morning ipchains
> > 
> > 
> > Hi guys,
> > 
> > I am having a bit of trouble with ipchains.  I created a coyote linux
> > floppy and it runs nicely.  My home network has an ftp server on it that
> > i would like to have accesable from the outside world, but i can't seem
> > to get ipchains to work properly.  here's my rule set (keep in mind i am
> > fairly new at this):
> > 
> > /sbin/ipchains -P forward DENY
> > 
> > /sbin/ipchains -A forward -j MASQ -s $LOCAL_NETWORK/$LOCAL_NETMASK -d
> > 0.0.0.0/0
> > 
> > /sbin/ipchains -A forward -j MASQ -s 0.0.0.0/0 20:21 -p tcp -d
> > 192.168.0.10 /sbin/ipchains -A forward -j MASQ -s 0.0.0.0/0 20:21 -p udp
> > -d 192.168.0.10
> > 
> > and here's what i see from "ipchains -L":
> > 
> > Chain input (policy ACCEPT):
> > Chain forward (policy DENY):
> > target prot opt     source          destination   ports
> > MASQ   all  ------  192.168.0.0/24  anywhere      n/a
> > MASQ   tcp  ------  anywhere        192.168.0.10  ftp-data:ftp ->   any
> > MASQ   udp  ------  anywhere        192.168.0.10  20:fsp ->   any
> > Chain output (policy ACCEPT):
> > 
> > any ideas on what i should do?
> > 
> > and please be gentle  :)
> > 
> > thanks in advance.
> > Jason
> > 
> > 
> > ---
> > This message has been sent through the ALE general discussion list. See
> > http://www.ale.org/mailing-lists.shtml for more info. Problems should be
> > 
> > sent to listmaster at ale dot org.
> > 
> > 
> > ---
> > This message has been sent through the ALE general discussion list.
> > See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> > sent to listmaster at ale dot org.
> 
> -- 
> Bao C. Ha                    voice: (310) 675-3510
> 8D66 6672 7A9B 6879 85CD  42E0 9F6C 7908 ED95 6B38
> Primary Perpetrator of "Slackware Linux Unleashed"
> 
> ---
> This message has been sent through the ALE general discussion list.
> See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
> sent to listmaster at ale dot org.



---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

More information about the Ale mailing list