|
|
|
|
|
|
by abbeyj
901 days ago
|
|
|
Since you're stuck using active FTP, maybe using nf_conntrack_ftp would help? I believe it is supposed to snoop the FTP connection, extract the port number from the PORT command, and then open only that port (from only that one IP) on the firewall. Of course since this is all on your LAN, just opening up all connections from the IP address is not really that dangerous and so anything more advanced might not be worth the effort. |
|
|