Re: [Openvpn-users] Re: FTP

[Luis Daniel Lucio Quiroz <dlucio@xxxxxxxxxxx>]

You should Iptables like this

iptables -I INPUT -i tun+ -m multiport -t tcp --dports 20, 21 -j ACCEPT
iptables -I INPUT -i tap+ -m multiport -t tcp --dports 20, 21 -j ACCEPT
iptables -I INPUT -i tun+ -j DROP
iptables -I INPUT -i tap+ -j DROP

I'm not pretty sure about -m multiport sintax

Le Jeudi 05 Mai 2005 17:42, Charles Duffy a ÃcritÂ:
> On Fri, 06 May 2005 00:20:30 +0200, Claudia Scotti wrote:
> > I'd like to use OpenVPN for ftp-ing between Fedora core 3 and Windows XP
> > Home edition, but when I activate the ftp service in fedora core 3, the
> > ftp server becomes, of course, accessible also from outside the VPN. How
> > can I make ftp possible only for VPN users, blocking the extra-VPN
> > traffic?
>
> The same ways you'd make any service accessible only via a limited set of
> interfaces: OS-level firewall rules, or by telling the daemon to bind only
> to the specific interface.
>
> For the former, read the documentation on iptables (or your favorite
> frontend to the same). For the latter, read the documentation to your FTP
> server.
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: NEC IT Guy Games.
> Get your fingers limbered up and give it your best shot. 4 great events, 4
> opportunities to win big! Highest score wins.NEC IT Guy Games. Play to
> win an NEC 61 plasma display. Visit http://www.necitguy.com/?r=20
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users