Mailinglist Archive: opensuse-security (260 mails)

< Previous Next >
webserver behind firewall with ingoing and outgoing ftp ?
Hello,

i need to set up a webserver behind a ipchains packet-filter.
In the firewals config-file eth0 is the external- and eth1 the
dmz-device.
There have to be ingoing _and_ outgoing ftp-connections to the
webserver.

So the first problem: How can I handle it to not simply forward
all high ports to the Webserver ? I tried it with fwproxy, but
it hangs after entering the login name (just like having not allowed
ftp connections via hosts.deny - but then I wouldn't even get
a login prompt).

The second problem: outgoing ftp-connections work fine if i enable
masquerading for the webserver - evident - , but then I can't get any
connections to the webserver, cause the replies are being masqueraded
- evident too.

So, is there a simple way to get this to work ?

Thank you in advance!
Tobias

< Previous Next >
This Thread
  • No further messages