Simon Bolduc wrote: > > Hey All, > > I'm running an FTP server behind my Dachstein 1.01 router, and rather than > have hundreds of scanners hitting my FTP server on port 21 and try and hack > an account I'd like to move it to a different and much higher port number > (above 1024 if possible). I've checked on google but not found anything > that works. Most related articles refer to changing the ip_masq_ftp line to > read: > > ip_masq_ftp ports=port#,port# > > this doesn't seem to work - and logging into port 21 still works. I am > running Seawall 4.1.1 if that makes any difference. Any and all help is > appreciated. > > S
I can help you with a different firewall solution. I wrote a firewall for Oxygen and Dachstein that handles your simple request. I think that you may have had problems with your newish ip_masq_ftp command if the ip_masq_ftp.o modules is an older version that doesn't support it. The command you quoted is new to me, and I really shouldn't comment. If you want to try out my firewall, it's called pfw.lrp, Packet Firewall v.1.0, at ftp://ftp.schalit.net/pub/ In the /usr/local/etc/popts , the optional services file, I use the following lines to forward two different ports on my firewall to port 21 on my ftp server. YodaFtpC1=$IPX:21>$YODA:21>$WORLD:all>tcp>log \ YodaFtpC2=$IPX:710>$YODA:21>$WORLD:all>tcp>log \ That's an example of how I run what looks like an ftp server on port 710. If you try out pfw, I can walk you through it. You can fire it up without making any changes and it will work, but it won't accept any inbound services until you edit the popts file. Good Luck, Matthew _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
