Solved

How to limit ftp access by ip address using iptables

Posted on 2011-03-03
8
517 Views
Last Modified: 2012-05-11
I would like to use iptables to limit access to ftp by ip address. What is the proper iptables syntax for that.
0
Comment
Question by:richmarotta1
  • 4
  • 4
8 Comments
 
LVL 31

Accepted Solution

by:
farzanj earned 500 total points
ID: 35029814
You can use iptables or you can use tcp wrappers.

for iptables
iptables -A INPUT -p tcp -s <SOURCE_IP_ADDR/MASK>  --dport ftp  -j ACCEPT

iptables -A INPUT -p tcp -s <SOURCE_IP_ADDR/MASK>  --dport ftp  -j DROP

edit the file /etc/hosts.allow and enter
ftpd : localhost : allow
ftpd: 192.168.0.254 : deny
0
 

Author Comment

by:richmarotta1
ID: 35031076
I only changed the ip tables portion

iptables -A INPUT -p tcp -s <SOURCE_IP_ADDR/MASK>  --dport ftp  -j ACCEPT


This worked for my ftp client but is not working for Dreamweavers ftp transer method on the same development laptop. Any ideas why dreamweaver won't connect?
 
0
 

Author Comment

by:richmarotta1
ID: 35031088
What does this do and why would this be necessary?

I got ftp to work without it.
0
Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

 
LVL 31

Expert Comment

by:farzanj
ID: 35031139
You don't have to do it normally, only when you are blocking a lot of addresses/ ports etc.

On your FTP, the dreamweaver user may not be enabled.  I don't know how you are exactly doing it.
0
 

Author Comment

by:richmarotta1
ID: 35031162
I can connect to many other servers using dreamweaver so I don't think it'd the dreamweaver user on my laptop. The dreamweaver ftp client has the same server, user and pword as the ftp client.
0
 
LVL 31

Expert Comment

by:farzanj
ID: 35031198
ok.

I don't know your architecture.  What is not working?  Are you trying to ftp to the ftp server from dreamweaver ftp client.  Is the user id that dream weaver using is accessed without a trouble without using dreamweaver?
0
 

Author Comment

by:richmarotta1
ID: 35031206
yes and yes
0
 
LVL 31

Expert Comment

by:farzanj
ID: 35031217
Check the port number that Dream Weaver trying to ftp to.  It should be 21.
0

Featured Post

Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
nagios remote hosts 9 56
Linux Copy Command - All Files inc Directory 1 44
ignore other .htaccess 2 45
linux - yum package installation issue 2 16
rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question