vsftpd modul helper (ip_conntrack)
# /etc/sysconfig/iptables
add the lines to open port tcp 21 for vsftpd
-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
# /etc/sysconfig/iptables-config
edit the lines below
# Load additional iptables modules (nat helpers)
# Default: -none-
#
#
IPTABLES_MODULES="ipconntrack_ftp ip_nat_ftp"
#
#
restart service
# service iptables restart
The ip conntrack ftp module is used by iptables to listen to traffic and allow connections to the data ports (20). This allows an FTP server to operate on a machine which is running a firewall. Without this option passive ftp will not work.
Another option is just skip this module assign min and max pass ranges in vsftpd and open those ports.
source:
http://www.cyberciti.biz/tips/rhel-fedora-centos-vsftpd-installation.html
# /etc/sysconfig/iptables
add the lines to open port tcp 21 for vsftpd
-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
# /etc/sysconfig/iptables-config
edit the lines below
# Load additional iptables modules (nat helpers)
# Default: -none-
#
#
IPTABLES_MODULES="ipconntrack_ftp ip_nat_ftp"
#
#
restart service
# service iptables restart
The ip conntrack ftp module is used by iptables to listen to traffic and allow connections to the data ports (20). This allows an FTP server to operate on a machine which is running a firewall. Without this option passive ftp will not work.
Another option is just skip this module assign min and max pass ranges in vsftpd and open those ports.
source:
http://www.cyberciti.biz/tips/rhel-fedora-centos-vsftpd-installation.html
Comments
Post a Comment