iptables settings for proftpd

Tech sharing | Story

proftpd

vi proftpd.conf

PassivePorts min-pasv-port max-pasv-port
PassivePorts 60000 65000

min-pasv-port must be >= 1024.

iptables

iptables -F
iptables -P INPUT DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p tcp -m multiport --dports 21,22 -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 60000:65000 --syn -j ACCEPT

 

[root@sing2 ~]# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere multiport dports ftp,ssh,mysql
ACCEPT tcp -- anywhere anywhere tcp dpts:60000:65000 flags:SYN,RST,ACK/SYN
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
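
The PassivePorts range in proftpd.conf and the `--dport` range in the last iptables rule have to describe the same ports: a narrower firewall range breaks passive transfers, a wider one opens ports the daemon never uses. The following shell check is an added example, not part of the original post; `pasv_range`, `fw_range` and `check_pasv` are hypothetical helper names, the sample config and rules are constructed from the values above, and the rules are expected in the `-A INPUT ...` form printed by `iptables -S`.

```sh
# Added example (not from the original post): check that the PassivePorts
# range in proftpd.conf and the iptables passive-port rule agree.

# Print "MIN MAX" from the PassivePorts directive in config text $1.
pasv_range() {
    printf '%s\n' "$1" | awk '
        tolower($1) == "passiveports" && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ { r = $2 " " $3 }
        END { if (r == "") exit 1; print r }'
}

# Print "MIN MAX" from the first INPUT ACCEPT rule in $1 with a --dport A:B range.
fw_range() {
    printf '%s\n' "$1" | awk '
        $1 == "-A" && $2 == "INPUT" && /-j ACCEPT/ {
            for (i = 3; i < NF; i++)
                if ($i == "--dport" && $(i+1) ~ /^[0-9]+:[0-9]+$/) {
                    split($(i+1), p, ":"); print p[1], p[2]; found = 1; exit
                }
        }
        END { if (!found) exit 1 }'
}

# 0 = ranges match; 2/3 = range not found; 4 = invalid PassivePorts;
# 5 = firewall blocks part of the range; 6 = firewall opens extra ports.
check_pasv() {
    c=$(pasv_range "$1") || { echo "no PassivePorts directive"; return 2; }
    f=$(fw_range "$2") || { echo "no INPUT ACCEPT rule with a --dport range"; return 3; }
    set -- $c $f    # $1 $2 = config min max, $3 $4 = firewall min max
    if [ "$1" -lt 1024 ] || [ "$2" -gt 65535 ] || [ "$1" -gt "$2" ]; then
        echo "invalid PassivePorts $1-$2"; return 4
    fi
    if [ "$3" -gt "$1" ] || [ "$4" -lt "$2" ]; then
        echo "firewall $3:$4 does not cover PassivePorts $1-$2"; return 5
    fi
    if [ "$3" -lt "$1" ] || [ "$4" -gt "$2" ]; then
        echo "firewall $3:$4 is wider than PassivePorts $1-$2"; return 6
    fi
    echo "ok: $1-$2 on both sides"
}

# Constructed sample input mirroring the settings on this page.
conf='PassivePorts 60000 65000'
rules='-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m multiport --dports 21,22 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 60000:65000 --syn -j ACCEPT'
check_pasv "$conf" "$rules"
```

On a live host the two arguments would be `"$(cat proftpd.conf)"` and `"$(iptables -S INPUT)"`.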

Please credit when reposting: 成长的对话 » iptables settings for proftpd