Re: FTP and Firewall



On Feb 20, 1:43 am, Stephane M <Steph...@xxxxx> wrote:
Hi,

I wish to use my Firewall

I am using CentOS v 4.4 and I did use the Firewall setup available on
the GYI
[ Enable the Firewall and Accept FTP, WWW ]

1) the web works fine !!1

2) The FTP site doesn't work
I edit my /etc/sysconfig/iptables

- A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j
ACCEPT

- Is there something wrong with that ?

3) All this settings are configure via their port.
Now, suppose that I wish to disable (or Enable) an application like SAMBA
- How can I do that ?

Thanks very much for your help

Stephane


Unless you are very familiar with how iptables work, editing /etc/
sysconfig/iptables is not usually the best option. Instead you can use

iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -p udp --dport 21 -j ACCEPT

Also, after making any changes to your firewall rules, do a
service iptables save --> saves the rules ( puts a copy of the old
rules in /etc/sysconfig/iptables.save)
and make sure firewall is on in the appropriare levels ( chkconfig --
list iptables)


As to your question regarding samba. Samba allows access control
through it's configuration file. Check man smb.conf for various
options you can use within it's conf file to restrict users and/ or
hosts.

hth,
Kalyan

.