Hi There,
We are using the standard FTP package, the Firewall Module and a server that is not behind any other firewall. I created a FTP site for one of our domains and everything works well for me. My IP address is configured in the firewall to allow access to Any Port of the server (admin rule).
I enabled the FTP Rule for one ip in the Firewall Module and noticed that it:
/sbin/iptables -A INPUT -p tcp --dport 21 -s xx.xx.xx.xx -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 21 -j DROP
I read a Plesk Knowldge Base article that says both ports 20 and 21 should be open. I created a special firewall rule to allow for this which generates:
/sbin/iptables -A INPUT -p tcp --dport 20 -s xx.xx.xx.xx -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 21 -s xx.xx.xx.xx -j ACCEPT
It is still not possible for FTP traffic to make it to the server for any ip address that is not in the admin rule (open to all ports). I tried restarting network and xinetd which did not help.
It seems like I have a firewall issue of some sort. Any ideas on how to fix this?
Thanks! Greg
We are using the standard FTP package, the Firewall Module and a server that is not behind any other firewall. I created a FTP site for one of our domains and everything works well for me. My IP address is configured in the firewall to allow access to Any Port of the server (admin rule).
I enabled the FTP Rule for one ip in the Firewall Module and noticed that it:
/sbin/iptables -A INPUT -p tcp --dport 21 -s xx.xx.xx.xx -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 21 -j DROP
I read a Plesk Knowldge Base article that says both ports 20 and 21 should be open. I created a special firewall rule to allow for this which generates:
/sbin/iptables -A INPUT -p tcp --dport 20 -s xx.xx.xx.xx -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 21 -s xx.xx.xx.xx -j ACCEPT
It is still not possible for FTP traffic to make it to the server for any ip address that is not in the admin rule (open to all ports). I tried restarting network and xinetd which did not help.
It seems like I have a firewall issue of some sort. Any ideas on how to fix this?
Thanks! Greg