I've got IPChains working...now all I need to do is get ftp working...all other services work, mail, web, plesk, ssl, but for some strange reason ftp doesnt...
I have these 2 lines for ftp in my chains file:#FTP on port 20
/sbin/ipchains -A input -i eth0 -p tcp --source-port 20 --syn -j ACCEPT -l
#FTP on port 21
/sbin/ipchains -A input -i eth0 -p tcp --destination-port 21 --syn -j ACCEPT -lPlease help, thanks alot

Originally posted by iamdave
I've got IPChains working...now all I need to do is get ftp working...all other services work, mail, web, plesk, ssl, but for some strange reason ftp doesnt...
I have these 2 lines for ftp in my chains file:#FTP on port 20
/sbin/ipchains -A input -i eth0 -p tcp --source-port 20 --syn -j ACCEPT -l
#FTP on port 21
/sbin/ipchains -A input -i eth0 -p tcp --destination-port 21 --syn -j ACCEPT -lPlease help, thanks alot

I think you should re-think that a bit. You're basically opening up _all_ ports on your server, if the source port is 20.

Have you tried both active and passive mode FTP?

Have you set your local port range?
Is that local port range open for connections?

it was destination not source...

Here's a great link that explains FTP service problems with packet filtering firewalls, especially ipchains with ip_masq.

http://www.netmax.com/fom/cache/223.html