IPFW rules for blocking ftp

How can I block ftp with ipfw? I tried the following
Code:
ipfw -q add deny all from any to me 21
but still I can log in from another PC. Thanks.
 
When you do not use a serial number for the rule, then it is simply added to the end of the rule list. So, quite possibly your rule blocks nothing, because there is another rule earlier in the rule list that allows everything.

Issue the following command, in order to find out the active rules and their respective order:

# ipfw -d show

Your blocking rule must come before any rule that would implicitly allow the same.

Best regards

Rolf
 
You can check the following:
  • "me" in ipfw context means "any IP address configured on an interface in the system". Is your ftpd running on one of those IPs? If not, your rule isn´t really blocking ftp.
  • Maybe in your ruleset there is a rule before which allow access to your ftpd. Note that ipfw is a "first packet wins" packet filter.
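Both replies come down to the same check: ipfw is first-match, so a deny appended to the end of the list does nothing if an earlier catch-all allow already matched the packet. The script below is an added example (not from any of the posters in this thread) that runs that check over a constructed sample of "ipfw show" output; the sample rule numbers and counters are made up, and the function names are the example's own.

```sh
#!/bin/sh
# Added example, not part of the thread: detect a deny rule that is shadowed by an
# earlier catch-all allow in an ipfw ruleset. Because ipfw is a first-match filter,
# an "allow ip from any to any" listed before the deny means the deny never fires.

# Constructed sample of "ipfw show" output: rule number, packets, bytes, rule body.
# Rule 65100 is the appended "deny ... 21" rule; rule 65000 allows everything first.
SAMPLE_RULES='00100 0 0 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
65000 123 4567 allow ip from any to any
65100 0 0 deny ip from any to me 21
65535 0 0 deny ip from any to any'

# shadowing_rule RULESET RULENUM
# Prints the number of the first rule preceding RULENUM that allows all traffic
# unconditionally ("allow ip from any to any" or "allow all from any to any" with no
# via/recv/xmit qualifier). Exit status 0 means the deny is shadowed, 1 means it is not.
shadowing_rule() {
    printf '%s\n' "$1" | awk -v target="$2" '
        # Stop scanning once we reach the rule under test; only earlier rules matter.
        $1 + 0 >= target + 0 { exit }
        # A catch-all allow: action, protocol, from any to any, and nothing after it.
        $4 == "allow" && ($5 == "ip" || $5 == "all") &&
        $6 == "from" && $7 == "any" && $8 == "to" && $9 == "any" && NF == 9 {
            print $1; found = 1; exit
        }
        END { exit found ? 0 : 1 }'
}

# suggested_number SHADOWNUM
# A rule number just below the shadowing rule, so a re-added deny is evaluated first.
suggested_number() {
    echo $(($1 - 1))
}

# Demonstration on the constructed sample.
if shadow=$(shadowing_rule "$SAMPLE_RULES" 65100); then
    echo "rule 65100 is shadowed by rule $shadow; add the deny before it, e.g.:"
    echo "  ipfw add $(suggested_number "$shadow") deny tcp from any to me 21"
else
    echo "rule 65100 is not shadowed by an earlier catch-all allow"
fi
```

To run it against a live system instead of the sample, replace the sample text with `$(ipfw show)` and pass the number that `ipfw show` assigned to the appended deny rule. The check only looks for unqualified catch-all allows; an earlier allow scoped to a subnet or to port 21 would also shadow the deny and would need a more specific match.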
 
rolfheinrich said:
When you do not use a serial number for the rule, then it is simply added to the end of the rule list. So, quite possibly your rule blocks nothing, because there is another rule earlier in the rule list that allows everything.

Issue the following command, in order to find out the active rules and their respective order:

# ipfw -d show

Your blocking rule must come before any rule that would implicitly allow the same.

Best regards

Rolf

That's it! Thank you.
 
johnd said:
You can check the following:
  • "me" in ipfw context means "any IP address configured on an interface in the system". Is your ftpd running on one of those IPs? If not, your rule isn´t really blocking ftp.
  • Maybe in your ruleset there is a rule before which allow access to your ftpd. Note that ipfw is a "first packet wins" packet filter.

Thank you too!
 