Results 1 to 2 of 2
We are setting up port forwarding in our linux box, and changed the listening server from port 21 to 4123. Enabled port forwarding: ACCEPT tcp -- anywhere 192.168.1.62 tcp dpt:4123 ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 02-09-2011 #1
- Join Date
- Feb 2011
Is it possible to block an established ftp session?
We are setting up port forwarding in our linux box, and changed the listening server from port 21 to 4123. Enabled port forwarding:
ACCEPT tcp -- anywhere 192.168.1.62 tcp dpt:4123
Then we establish the ftp session.
Once we are connected, we delete the port forwarding entry, but the ftp session stays active. It only blocks (or doesn't port fwd) for new requests. We've tried adding a DROP chain in the iptables:
iptables -I PORTFWD 1 -p tcp --dport 21 -d 192.168.1.62 -m state --state ESTABLISHED,RELATED -j DROP
This is added during the active session but no luck in stopping the existing session. The session is still active. Is there a way to do this? Thanks.
- 02-09-2011 #2
I'm not understanding your actual problem. Why are you doing session management through iptables??
I don't think IPtables is meant to drop sessions that are in progress.
What is the problem that you're trying to fix? it is better to detail the problem, and ask for a solution, instead of asking for how to get a specific solution to work.New to the internet, technical forums, or the hacker / open source community??
Read this to learn good posting habits http://www.catb.org/~esr/faqs/smart-questions.html
RHCE for RHEL version 5
RHCT for RHEL version 4