如果我停止 IPTables 服务,我的 ftp 服务器将按预期工作。但是,启用后我无法连接(在进行身份验证之前)。
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:http
ACCEPT tcp -- anywhere anywhere tcp dpt:https
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:rndc
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere localhost tcp dpt:mysql
ACCEPT tcp -- anywhere anywhere tcp dpt:imaps
ACCEPT tcp -- localhost anywhere tcp dpt:sunrpc
ACCEPT tcp -- localhost anywhere tcp dpt:imap
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere tcp flags:ACK/ACK
ACCEPT all -- anywhere anywhere state ESTABLISHED
ACCEPT all -- anywhere anywhere state RELATED
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
ACCEPT all -- anywhere anywhere helper match "ftp"
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp spt:ftp-data
答案1
您对 ftp 连接有全部拒绝和接受。更改您的订单!