[Bug 106] New: iptables 1.2.5-3 acts differently with different RH Linux kernel versions
Thu, 26 Jun 2003 21:23:22 +0200
Summary: iptables 1.2.5-3 acts differently with different RH Linux kernel versions
Product: iptables userspace
OS/Version: RedHat Linux
iptables 1.2.5-3 is provided with RedHat Linux 7.3.
Use a one-line iptables command to specifically reject auth (port 113) requests
when making ftp or mail requests from external servers.
iptables -A INPUT -i eth1 -p tcp \
-d <local IP address> --dport 113 -j REJECT --reject-with tcp-reset
All default policies are "ACCEPT", and there are no other iptables commands.
Then run "ftp <server-name>"
With RedHat kernel 2.4.18-3 on the client, the ftp server responds immediately
because the tcp-reset has been sent by the client in response to the auth
With RedHat kernel 2.4.20-18.7 on the client, the ftp connection hangs while
the server waits for an auth response or a reset from the client. The wait
finally times out. The ftp connection is then made.
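The following check is an added example, not part of the original bug report. It probes port 113 from a second machine and reports whether the connect attempt was actively refused (the behaviour the REJECT --reject-with tcp-reset rule is meant to produce) or met with silence (the hang described for kernel 2.4.20-18.7). The function names, the timeout and the one-second threshold are assumptions chosen for illustration.

```python
import errno
import socket
import sys
import time

def classify_port(host, port=113, timeout=3.0):
    """Make one TCP connect attempt and return (verdict, seconds).

    'refused'     - connection actively rejected (an RST came back)
    'open'        - three-way handshake completed
    'silent'      - nothing came back before the timeout (the hang case)
    'unreachable' - host or network unreachable error
    """
    start = time.monotonic()
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        verdict = "open"
    except ConnectionRefusedError:
        verdict = "refused"
    except socket.timeout:
        verdict = "silent"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            verdict = "unreachable"
        else:
            raise
    finally:
        s.close()
    return verdict, time.monotonic() - start

def reject_rule_effective(verdict, seconds, max_delay=1.0):
    """True when the probe was refused quickly, as a tcp-reset rule should do."""
    return verdict == "refused" and seconds <= max_delay

if __name__ == "__main__":
    # Usage: python probe113.py <local IP address of the firewalled host>
    if len(sys.argv) != 2:
        sys.exit("usage: probe113.py <host>")
    verdict, seconds = classify_port(sys.argv[1])
    print(f"port 113: {verdict} after {seconds:.2f}s")
    if not reject_rule_effective(verdict, seconds):
        print("no prompt reset seen; the peer would wait for its auth timeout")
```

Running it against the same host under each kernel gives a direct comparison that does not depend on an ftp server's ident timeout.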