  1. #1

    Is it possible to block an established ftp session?

    We are setting up port forwarding on our Linux box, and changed the listening server from port 21 to 4123. Enabled port forwarding:

    ACCEPT tcp -- anywhere tcp dpt:4123

    Then we establish the ftp session.

    Once we are connected, we delete the port forwarding entry, but the ftp session stays active. It only blocks (or doesn't port fwd) for new requests. We've tried adding a DROP chain in the iptables:

    iptables -I PORTFWD 1 -p tcp --dport 21 -d -m state --state ESTABLISHED,RELATED -j DROP

    This is added during the active session but no luck in stopping the existing session. The session is still active. Is there a way to do this? Thanks.

  2. #2
    Linux Enthusiast meton_magis
    Join Date: Oct 2006

    I'm not understanding your actual problem. Why are you doing session management through iptables??

    I don't think iptables is meant to drop sessions that are in progress.

    What is the problem that you're trying to fix? It is better to detail the problem, and ask for a solution, instead of asking for how to get a specific solution to work.
    New to the internet, technical forums, or the hacker / open source community??
    Read this to learn good posting habits

    RHCE for RHEL version 5
    RHCT for RHEL version 4
