1. IPTables configuration.
If you have IPTables firewall enabled add rule
-A INPUT -m state –state NEW -m tcp -p tcp –dport 63000:65535 -j ACCEPT
to IPTables configuration file /etc/sysconfig/iptables
and restart IPTables service:
# /sbin/service iptables restart
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]
iptables: Applying firewall rules: [ OK ]
#
To check if your new rule active run command:
# /sbin/iptables -vnL –line-numbers |more
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
…
11 62 3720 ACCEPT tcp — * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpts:63000:65535
2. ProFTPD server configuration.
First step before making any changes to configuration files is to create backup:
# cp -fvp /etc/proftpd.conf /etc/proftpd.conf.bak
Second step is to check service configuration to make sure it is correct.
# proftpd -td10
Checking syntax of configuration file
…
Syntax check complete.
Add configuration lines to config file /etc/proftpd.conf:
MasqueradeAddress shkodenko.com
PassivePorts 63000 65535
under
ServerName “ProFTPD”
directive
Check service configuration to make sure it is correct after applying our changes.
# proftpd -td10
Checking syntax of configuration file
…
Syntax check complete.
Restart service.
If your ProFTPD server installed as part of xinetd:
# /sbin/service xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
If your ProFTPD server installed as standard Linux service:
# /sbin/service proftpd restart
or
# /etc/init.d proftpd restart
he he, just wanted to tell you, I enjoyed this article. It was inspiring. Keep on posting!
Ohh, just wanted to say, I enjoyed this blog post.
It was funny. Keep on posting!