View Full Version : bastille-firewall -- causes ftp to not work properly
mxc
14th February 2007, 20:59
Hi there,
I can login via ftp to the ispconfig server but when I do an "ls" the ftp client just hangs and nothing happens. This is when the bastille firewall is on. When I turn the firewall off the ftp client works just fine.
I haven't had this problem on other ispconfig installation so don't know why its happening on this one. I usually use Centos but this installation is using Debian as php5 is needed for the web server.
Any ideas --- should I adjus the iptable rules? The server is also running in a virtual machine on xen.
mxc
14th February 2007, 21:59
Here is the output of iptables --list
==========================================
Chain INPUT (policy DROP)
target prot opt source destination
DROP tcp -- anywhere 127.0.0.0/8
ACCEPT all -- anywhere anywhere
DROP all -- 224.0.0.0/4 anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
PUB_IN all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
DROP all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
PUB_OUT all -- anywhere anywhere
Chain INT_IN (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain INT_OUT (0 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain PAROLE (9 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain PUB_IN (4 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp echo-request
PAROLE tcp -- anywhere anywhere tcp dpt:ftp
PAROLE tcp -- anywhere anywhere tcp dpt:ssh
PAROLE tcp -- anywhere anywhere tcp dpt:smtp
PAROLE tcp -- anywhere anywhere tcp dpt:domain
PAROLE tcp -- anywhere anywhere tcp dpt:www
PAROLE tcp -- anywhere anywhere tcp dpt:81
PAROLE tcp -- anywhere anywhere tcp dpt:pop3
PAROLE tcp -- anywhere anywhere tcp dpt:https
PAROLE tcp -- anywhere anywhere tcp dpt:10000
ACCEPT udp -- anywhere anywhere udp dpt:domain
DROP icmp -- anywhere anywhere
DROP all -- anywhere anywhere
Chain PUB_OUT (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
till
15th February 2007, 10:37
Have you tried active and passive FTP mode?
vBulletin® v3.8.4, Copyright ©2000-2009, Jelsoft Enterprises Ltd.