Find the answer to your Linux question:
Results 1 to 5 of 5
Hi Friends, We are using Centos 6, in our system two Ethernet Cards are used one for LAN Access and another one for WAN internet. We are used for Appache ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. 12-22-2011 #1
    kavirajan
    kavirajan is offline
    Just Joined!
    Join Date
    Dec 2011
    Posts
    7

    Urgent Help: Need to Restrict Ftp on WAN Allow only on LAN

    Hi Friends,

    We are using Centos 6, in our system two Ethernet Cards are used one for LAN Access and another one for WAN internet.
    We are used for Appache server, for showing demo site to clients.

    So I need to give Restrict permission for the following.
    1. Restrict FTP access on internet WAN. Only LAN users can use FTP.
    2. In internet users (client) can only view Http site. Ftp should restricted on internet.

    Please anyone Help me. Its very Urgent.
    Reply With Quote Reply With Quote
  2. 12-22-2011 #2
    Irithori
    Irithori is online now
    Trusted Penguin Irithori's Avatar
    Join Date
    May 2009
    Location
    Munich
    Posts
    2,975
    The easiest solution is to configure, on which interfaces the http/ftp daemons listen.
    In apache, this is how it´s done:
    mpm_common - Apache HTTP Server
    You must always face the curtain with a bow.
    Reply With Quote Reply With Quote
  3. 12-23-2011 #3
    tdsan
    tdsan is offline
    Just Joined!
    Join Date
    Sep 2007
    Location
    Silver Spring, MD
    Posts
    84

    Post Restrict access to the ftp and websites

    Quote Originally Posted by kavirajan View Post
    Hi Friends,

    We are using Centos 6, in our system two Ethernet Cards are used one for LAN Access and another one for WAN internet.
    We are used for Appache server, for showing demo site to clients.

    So I need to give Restrict permission for the following.
    1. Restrict FTP access on internet WAN. Only LAN users can use FTP.
    2. In internet users (client) can only view Http site. Ftp should restricted on internet.

    Please anyone Help me. Its very Urgent.
    =========================================

    This is Tdsan, you might want to try this.

    ex - 10.10.10.0/24 - Please use your own ip subnet address

    Use this code to address the ftp issue
    Code:
    iptables -I INPUT 1 -p tcp -s 10.10.10.0/24 -m multiport --dport 21 -m state --state NEW -i eth0 -j ACCEPT
    Use this code to address the html issue, allows users from the internet to connect to the server from external connect (i.e. 192.168.1.10 - web server)
    Code:
    iptables -I INPUT 2 -p tcp -d 192.168.1.10 -m multiport --dport 80 -m state --state NEW -i eth1 -j ACCEPT
iptables -I INPUT 3 -p tcp -d 192.168.1.0/24 -m multiport 21 -i eth1 -j DROP
    Reply With Quote Reply With Quote
  4. 12-23-2011 #4
    ss81
    ss81 is offline
    Just Joined!
    Join Date
    Dec 2010
    Posts
    13
    #This will block ACCESS TO FTP FROM OUTSIDE WORLD
    iptables -I INPUT -i <WAN-Interface-name> -p tcp --dport 20 -j DROP
    iptables -I INPUT -i <WAN-Interface-name> -p tcp --dport 21 -j DROP

    # TO ALLOW ONLY WEB ACCESS FROM OUTSIDE WORLD
    iptables -I INPUT -i <WAN-Interface-name> -p tcp --dport 80 -j ACCEPT
    Reply With Quote Reply With Quote
  5. 07-11-2012 #5
    kavirajan
    kavirajan is offline
    Just Joined!
    Join Date
    Dec 2011
    Posts
    7
    Thanks for the replies.


    ________________________________________
    thekavirajan.blogspot.com
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules