[Users] openvz and ftp connection tracking for non-default ports

Anatoly Pugachev matorola at gmail.com
Mon Jun 18 04:32:54 EDT 2012


On Thu, May 24, 2012 at 11:44 AM, David Oppermann <dop at sil.at> wrote:
> Hello,
>
> I've got a hylafax install inside an openvz container.  Now I'd like to run
> a firewall as well.
>
> I load the firewall modules for ftp connection tracking on the host machine
> and with the following line in the containers config file:
>
> IPTABLES="ipt_REJECT ipt_tos ipt_TOS ipt_LOG ip_conntrack ipt_limit
> ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl
> ipt_length ipt_state iptable_nat ip_nat_ftp ip_conntrack_ftp ipt_conntrack
> ip_tables"
>
> Now my problem is that it works for Port 21 only and I'm unable to set the
> parameters for the module.
>
> Is there a way to set the parameters for the ftp connection tracking module
> like "ports=21,4559"?

modprobe ip_conntrack_ftp ports=21,2021,3021
modprobe ip_nat_ftp ports=21,2021,3021

(see "modinfo ip_conntrack_ftp")


