[an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive] (none) [an error occurred while processing this directive] [an error occurred while processing this directive] [an error occurred while processing this directive][an error occurred while processing this directive]
 
[an error occurred while processing this directive] [an error occurred while processing this directive]
Skåne Sjælland Linux User Group - http://www.sslug.dk Home   Subscribe   Mail Archive   Forum   Calendar   Search
MhonArc Date: [Date Prev] [Date Index] [Date Next]   Thread: [Date Prev] [Thread Index] [Date Next]   MhonArc
 

Re: [NETVAERK] Ultrasimpelt iptables-script på vserver



Hej Preben,

> Jeg har nedenstående indtil videre, men jeg har problemer med at
> jeg ikke kan bruge ftp fra serveren når jeg har startet firewallen.

Så mangler du sikkert at tillade "nogen" at oprette den ekstra
forbindelse der bliver brugt til FTP.

> Jeg kan ikke indlæse moduler, men en lsmod giver som nedenstående.

Det er vist øv, jvnf. modul listen nedenfor.

> Er der nogen der kan give et hjælpefuldt hint til hvad jeg mangler?

Det tror jeg.


> # Denne virker ikke;
> # giver en "iptables: No chain/target/match by that name"
> # iptables -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED
> # -p tcp

Du mangler support for connection tracking.

> lsmod:
> vserver:~# lsmod
> Module                  Size  Used by    Tainted: P
> sg                     33700   0  (autoclean)
> vzwdog                  9376   0  (unused)
> vzdquota               21728 125
> vzmon                  76080 125
> vzfs                   29428 125
> af_packet              10792   2
> vznet                  18752 125  [vzmon]
> vzdev                   1888  -1  [vzdquota vzmon vznet]
> e1000                  76256   1
> ipt_REDIRECT            2496   3
> ipt_length              2016   1
> ipt_ttl                 2080   1
> ipt_tcpmss              2528   1
> ipt_TCPMSS              3872   1
> iptable_mangle          3680   2
> iptable_filter          3584   2
> ipt_multiport           2304   1
> ipt_limit               2624   1
> ipt_tos                 1920   1
> ipt_REJECT              4416   1
> ip_tables              161921376  [ipt_REDIRECT ipt_length ipt_ttl 
> ipt_tcpmss ipt_TCPMSS iptable_mangle iptable_filter ipt_multiport 
> ipt_limit ipt_tos ipt_REJECT]
> usb-uhci               24644   0  (unused)
> usbcore                69920   1  [usb-uhci]

Jeg er ikke sikker på hvad modulerne kommer til at hedde, men du
mangler connection tracking og FTP support i connection tracking.

Loader du de moduler vil begge dine problemer være løst.

Mvh. Jesper


 
Home   Subscribe   Mail Archive   Index   Calendar   Search

 
 
Questions about the web-pages to <www_admin>. Last modified 2006-02-01, 02:01 CET [an error occurred while processing this directive]
This page is maintained by [an error occurred while processing this directive]MHonArc [an error occurred while processing this directive] # [an error occurred while processing this directive] *