Setting up the firewall for Passive FTP

Setting up the firewall for Passive FTP: (APF Firewall)

1.Open your APF configuration file with your favorite editor. This configuration file is usually located at: /etc/apf/conf.apf

vi /etc/apf/conf.apf

2. Select a port range to use for the passive FTP connection, and find the line that looks like this:

IG_TCP_CPORTS=”20, 21, 22, 25, 53, 80, 110, 143, 443, 465, 993, 995, 2082, 2083, 2086, 2087, 2095, 2096, 3306″

If this list of ports already includes a port range above 20000, then you can skip onto configuring your FTP Server, but remeber the range listed. (20000 to 30000 would be written as 20000_30000)

3. Add the port range to the end of the line and within the quotation marks(”). Remeber each port/port range is seperated by a comman(,), and a port range between 35000 to 36000 is written as 35000_36000 .

IG_TCP_CPORTS=”20, 21, 22, 25, 53, 80, 110, 143, 443, 465, 993, 995, 2082, 2083, 2086, 2087, 2095, 2096, 3306, 35000_36000″

3. Save and restart your firewall.

To restart your firewall:

/etc/init.d/apf restart

Tags: ,

Trackback URI | Comments RSS

Leave a Reply

You must be logged in to post a comment.