Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-25 Thread Nels Lindquist
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2018/05/23 8:24 AM, Nicolas Kovacs wrote: > I'm currently setting up a local FTP server, to receive disk images > sent with G4L (Ghost4Linux). > > This server has been running Slackware Linux before, and the > Vsftpd setup was relatively simple.

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-25 Thread Nicolas Kovacs
Le 23/05/2018 à 17:01, Pete Biggs a écrit : > FTP uses two ports - in active mode the server uses 21 for command and > 20 for data after the initial connection. In passive mode it uses 21 > for command and a high random port number for data. What is happening > is that you are blocking the high

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread m . roth
Nicolas Kovacs wrote: > Le 23/05/2018 à 16:58, m.r...@5-cent.us a écrit : >> A suggestion: once you've got the firewall issue dealt with, set selinux >> into permissive mode; *then* you can figure out what it's complaining >> about, while at the same time, your system will be available. Once >>

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Nicolas Kovacs
Le 23/05/2018 à 16:58, m.r...@5-cent.us a écrit : > A suggestion: once you've got the firewall issue dealt with, set selinux > into permissive mode; *then* you can figure out what it's complaining > about, while at the same time, your system will be available. Once you've > fixed those issues,

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Nicolas Kovacs
Le 23/05/2018 à 17:01, Pete Biggs a écrit : > You could use active transfer and open port 20, or you could use > passive, which is more "secure", and allow connections to high port > numbers. > > Search for active vs passive ftp for more info. That helped, thanks. I added the following to

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread m . roth
Nicolas Kovacs wrote: > Hi, > > I'm currently setting up a local FTP server, to receive disk images sent > with G4L (Ghost4Linux). > > This server has been running Slackware Linux before, and the Vsftpd > setup was relatively simple. > > With CentOS things seem to be slightly different, so I'm

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread m . roth
Nicolas Kovacs wrote: > Le 23/05/2018 à 16:36, Nux! a écrit : >> Try "iptables -I INPUT" for your FTP rule. > > Doesn't work. I redirected all my errors to /var/log/messages, so here's > what I get when I try to connect Filezilla to that server. > > May 23 16:48:58 c7-server kernel: +++ IPv4

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Stephen John Smoogen
On 23 May 2018 at 11:05, Stephen John Smoogen wrote: > On 23 May 2018 at 10:24, Nicolas Kovacs wrote: >> Hi, >> >> I'm currently setting up a local FTP server, to receive disk images sent >> with G4L (Ghost4Linux). >> >> This server has been running

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Stephen John Smoogen
On 23 May 2018 at 10:24, Nicolas Kovacs wrote: > Hi, > > I'm currently setting up a local FTP server, to receive disk images sent > with G4L (Ghost4Linux). > > This server has been running Slackware Linux before, and the Vsftpd > setup was relatively simple. > > With CentOS

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Pete Biggs
> Doesn't work. I redirected all my errors to /var/log/messages, so here's > what I get when I try to connect Filezilla to that server. > > May 23 16:48:58 c7-server kernel: +++ IPv4 packet rejected +++ IN=enp0s3 > OUT= MAC=08:00:27:00:00:03:d4:85:64:b2:b2:1b:08:00 SRC=192.168.2.2 >

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Nicolas Kovacs
Le 23/05/2018 à 16:36, Nux! a écrit : > Try "iptables -I INPUT" for your FTP rule. Doesn't work. I redirected all my errors to /var/log/messages, so here's what I get when I try to connect Filezilla to that server. May 23 16:48:58 c7-server kernel: +++ IPv4 packet rejected +++ IN=enp0s3 OUT=

Re: [CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Nux!
t; Sent: Wednesday, 23 May, 2018 15:24:45 > Subject: [CentOS] Vsftpd vs. iptables firewall script > Hi, > > I'm currently setting up a local FTP server, to receive disk images sent > with G4L (Ghost4Linux). > > This server has been running Slackware Linux before, an

[CentOS] Vsftpd vs. iptables firewall script

2018-05-23 Thread Nicolas Kovacs
Hi, I'm currently setting up a local FTP server, to receive disk images sent with G4L (Ghost4Linux). This server has been running Slackware Linux before, and the Vsftpd setup was relatively simple. With CentOS things seem to be slightly different, so I'm currently trying to work things out. For