B.L.U.F. (bottom line up front)
Are these rules ok that I added to my IPTables, or will they cause me great sorrow?
-A OUTPUT -p tcp .dport 21 -m state .state NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp .sport 21 -m state .state ESTABLISHED -j ACCEPT
-A INPUT -p tcp .sport 20 -m state .state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p tcp .dport 20 -m state .state ESTABLISHED -j ACCEPT
Background:
Details:
Question:
Thanks for the help
~Mark
Are these rules ok that I added to my IPTables, or will they cause me great sorrow?
-A OUTPUT -p tcp .dport 21 -m state .state NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp .sport 21 -m state .state ESTABLISHED -j ACCEPT
-A INPUT -p tcp .sport 20 -m state .state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p tcp .dport 20 -m state .state ESTABLISHED -j ACCEPT
Background:
- I've spent the last 2 days trying to get my polycoms to download their configs from my server. It took a lot of time but I narrowed the problem down to iptables not allowing connections to VSFTPD (I'm a noob so it took a while). So then I spent more time trying to find iptables entries that would allow the FTP to work with my polycoms.
Details:
- I know iptables already has an entry for FTP but my phones would not connect to the FTP server until I disabled IPTables, then everything would work fine.
- I found the entries listed above, added them and commented out the current entry, now all is well.
- I've setup VSFTPD and my FTP user according to http://www.sureteq.com/asterisk/polycom.htm so I think I'm fairly secure on that side.
- My FTP login would work great all the way up to the LIST command, which is when the directory/files section of my FTP client should get populated, And there it would sit, never receiving a response from VSFTPD
Question:
- So Being a total NOOB :whistlingb: I just don't have the BIG picture yet on how everything works together and wanted to make sure I didn't jack anything up by adding these entries.
Thanks for the help
~Mark
Phone System 