Iptables -A OUTPUT -p tcp -m tcp -dport 21 -m conntrack -ctstate NEW,ESTABLISHED -j ACCEPT -m comment -comment "Allow ftp connections on port 21"Īllow FTP port 20 for active connections incoming and outgoing iptables -A INPUT -p tcp -m tcp -dport 20 -m conntrack -ctstate ESTABLISHED,RELATED -j ACCEPT -m comment -comment "Allow ftp connections on port 20" See the following configuratonįirst load the following module to make sure passive ftp connections are not rejected modprobe ip_conntrack_ftpĪllow FTP connections on port 21 incoming and outgoing iptables -A INPUT -p tcp -m tcp -dport 21 -m conntrack -ctstate ESTABLISHED,NEW -j ACCEPT -m comment -comment "Allow ftp connections on port 21" So to make data transfer possible you'd need to enable port 20 as well. Port 21 is used to establish the connection.
Your ftp server needs a channel to transfer data. If iptables is enforcing, then transfer failed. If I disable iptables, I am able to transfer my backup from another machine to FTP. Loading additional iptables modules: ip_conntrack_netbios_nīut the problem is not with that module, as I tried unloading it and still no luck. A OUTPUT -p tcp -m tcp -sport 20 -j ACCEPTĪlso, by default, ip_conntrack_netbios_n module is getting loaded. A INPUT -j REJECT -reject-with icmp-port-unreachable A INPUT -p tcp -m state -state ESTABLISHED -j ACCEPT A INPUT -p tcp -m tcp -dport 21 -j ACCEPT
0 kommentar(er)
