Archive for the 'Media' Category

Iptables active and passive FTP in CentOS

daniel posted this on Jul 13th 2009 under Howto, Linux, Media

This is how to make sure active AND passive FTP work flawlessly with IPtables, in this case, on CentOS. In this case it was for a DirectAdmin server.
You have to look up in your ftpd config which passive FTP ports your daemon uses and use those. In my case the portrange was 35000-35999.

This is /etc/sysconfig/iptables

# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

#active and passiev ftp
-A RH-Firewall-1-INPUT -p tcp --syn --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --syn --dport 20 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --syn --dport 35000:35999 -j ACCEPT

#ssh only for me
-A RH-Firewall-1-INPUT -s 1.2.3.4 -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT

#other useful ports available to the public
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 110 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 2222 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT

Now we have to make sure some iptables modules are loaded.
Edit /etc/sysconfig/iptables-config
Make sure this line is looking like this:

IPTABLES_MODULES="ip_conntrack_netbios_ns ip_nat_ftp ip_conntrack_ftp"

Restart your iptables and test your ftp connection. It should work as expected.

2 Comments »

Tralala video clip

daniel posted this on Dec 31st 2006 under Media

Some time ago i was bored and made this video clip. For those who wonder which music i used i can say that it is from my hero Dave Clarke. Click continue to watch.

Continue Reading »

No Comments »

9 Fingers Amiga demo

daniel posted this on Dec 31st 2006 under Amiga, Media

In the days i had my Amiga 500 and this demo came out i was impressed. I created a video file from it for you to watch. Click continue to watch.

Continue Reading »

1 Comment »

Microsoft: the concept stealer

daniel posted this on Dec 28th 2006 under General, Media

This video clearly demonstrates that Microsoft is a master at stealing ideas and concepts from other OSes like OSX. Click here to watch this video and see it for yourself!

Forgot to mention: They also suck.

No Comments »

Indian Summer Festival Promo video

daniel posted this on Dec 16th 2006 under Media

Indian Summer Festival is a very cool festival at the Geestmerambacht in the Netherlands. Check out the promo video. Click continue to watch.

Continue Reading »

No Comments »