[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Monday 24 January 2005 2:28 pm, David Bell wrote: > On Monday 24 January 2005 12:35, Neil Williams wrote: > > ?? All the routers I've ever seen come with a built-in firewall that > > closes every port to access from the internet. It's a basic feature of > > all routers.?? > > My Creative router modem (8133u-c1) has no firewall Creative® Broadband Blaster DSL Router 8133U Dynamic IP addressing provides increased security and privacy > , as a result I get > perfect apt downloads, but http://www.pcflank.com tell me that ports are > visible on it (port 80, plus several 4 figure ports) Interesting ports on XX.X.XX.XXX: (The 1661 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 21/tcp open ftp 80/tcp open http Port 80 allows connection but produces a 403: Forbidden. Port 21 doesn't actually connect. > so I hesitate to use > it despite having Guarddog installed. This is probably where you are having problems with apt. Make sure you can FTP to a server because FTP needs 21 to connect but uses higher ports for transmission. Ports between 1024 and 5999 need to be open for ftp-data I've only got the ipchains reference, it should be only used as a guide for iptables: ipchains -A input -p TCP -s 0/0 ftp-data \ -d $MYIP 1024:5999 -j ACCEPT I did convert that to iptables once but I haven't got the script anymore. Basically, GuardDog should allow connections from anywhere on the internet using port 20 (ftp-data) to your IP via ports from 1024 to 5999, otherwise FTP (and apt if you've set it to ftp) will fail. > > Thanks Neil - I'm relying on you! Please don't do that, I've got too much on to pursue this much further, that's why this is done via a list.