论坛徽章:: 0

电梯直达

1楼 [收藏(0)] [报告]

发表于 2007-09-08 10:38 |只看该作者 |倒序浏览

freebsd6.2
服务器开apache.vsftp.ssh.远程mysql. vsftp开端口50000-51000
ipfw 规则如下。
10001  271075  70594681 allow tcp from any to me dst-port 80 in
10002 15620 803514 allow tcp from any to me dst-port 21 in
10003  152170  12360854 allow tcp from any to me dst-port 22 in
10004  490091  44961618 allow ip from 127.0.0.1 to me in
10005  210983  40542237 allow tcp from any to me dst-port 3306 in
19997    0       0 check-state
19998 1177378 324528476 allow tcp from any to any out setup keep-state
19999  529944 262071273 allow tcp from any to any out
20000 20159 2933601 allow udp from any 53 to me
29999 20329 1468285 allow udp from any to any out
30000 5573 312108 allow icmp from any to any icmptypes 3
30001    0       0 allow icmp from any to any icmptypes 4
30002    158    13272 allow icmp from any to any icmptypes 8 out
30003    147    12348 allow icmp from any to any icmptypes 0 in
30004    9    504 allow icmp from any to any icmptypes 11 in
30204    214    13544 allow ip from any to me dst-port 20
30704    78    70709 allow ip from any to me dst-port 50000-51000
65535  121791  15044688 deny ip from any to any

vsftpd.conf--------

listen=YES
background=YES
ftp_username=ftp
pasv_enable=YES
pasv_min_port=50000
pasv_max_port=55000

local_enable=YES

write_enable=YES

dirmessage_enable=YES

xferlog_enable=YES

connect_from_port_20=YES

data_connection_timeout=1

secure_chroot_dir=/usr/local/share/vsftpd/empty

使用flashfxp 连接执行到list -al 时卡住，过一会提示：Socket 连接超时。pasv 模式失败。

如果我把ipfw关掉就正常了，我的ipfw哪里配置有问题呀？

-------
没有找到删贴的地方，刚自己又看了看，太大意了。我开的是50000-55000 但我ipfw 只开了50000-51000..太粗心了。结贴了。

[ 本帖最后由 mailx8 于 2007-9-8 10:46 编辑 ]