Hello,

I searched the LARTC mailing list archives. Everyone discussed marking outbound ftp traffic. I could not find any thread discussing marking inbound ftp traffic.

With inbound ftp traffic, we don't know the random ports specified by ftp servers in passive mode? So marking inbound ftp traffic is impossible? If it is possible, can you tell me.

Thanks in advance,

nhgiang
ngo giang wrote:
> Hello,
>
> I searched the LARTC mailing list archives. Everyone discussed marking outbound ftp traffic. I could not find any thread discussing marking inbound ftp traffic.
>
> With inbound ftp traffic, we don't know the random ports specified by ftp servers in passive mode?
>
> So marking inbound ftp traffic is impossible?
>
> If it is possible, can you tell me.
>
> Thanks in advance,
>
> nhgiang

Use CONNMARK and owner match. For example, to mark incoming and outgoing packets of vsftpd with fwmark 12 use the following ...

    # copy the connection's stored mark onto the packet (already-marked connections need no further matching)
    iptables -t mangle -A OUTPUT -j CONNMARK --restore-mark
    # packets sent by the vsftpd process get fwmark 12
    iptables -t mangle -A OUTPUT -m owner --cmd-owner vsftpd -j MARK --set-mark 12
    # store the packet mark on the connection so later packets in both directions carry it
    iptables -t mangle -A OUTPUT -j CONNMARK --save-mark

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc
HOWTO: http://lartc.org/
ngo giang wrote:
> Hello,
>
> I searched the LARTC mailing list archives. Everyone discussed marking outbound ftp traffic. I could not find any thread discussing marking inbound ftp traffic.
>
> With inbound ftp traffic, we don't know the random ports specified by ftp servers in passive mode?
>
> So marking inbound ftp traffic is impossible?
>
> If it is possible, can you tell me.
>
> Thanks in advance,
>
> nhgiang

There's an ftp protocol netfilter match - if you are conntracking maybe that will do it - never tested it myself.

Andy.
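The two replies above point at the same mechanism from different angles: CONNMARK keeps a mark on a whole connection, and the ftp conntrack helper is what ties a passive-mode data connection (on a port the client only learns from the server's 227 reply) back to the control session. The script below is an added example, not code from either poster or from the LARTC HOWTO. It combines both ideas: the control connection is marked by its source port, every connection the ftp helper sets up is matched with iptables' `helper` match, and CONNMARK saves and restores the mark so the random passive port never has to be known. The control port (21) and the fwmark (12) are assumed defaults; the `-t raw ... -j CT --helper ftp` rule is an assumption too, needed on kernels where automatic helper assignment is switched off (the default on current kernels), and can be dropped on old kernels that assign the ftp helper automatically once nf_conntrack_ftp/ip_conntrack_ftp is loaded.

```shell
#!/bin/sh
# Added example, not from the thread. Marks every packet the local FTP server
# sends, on the control connection and on passive-mode data connections, with
# one fwmark so a tc filter can match on it. The kernel's ftp conntrack helper
# links each data connection to its control session, so the server's random
# passive port never has to appear in a rule.
# Assumptions (not stated in the thread): control port 21, fwmark 12.

FTP_PORT="${FTP_PORT:-21}"
FTP_MARK="${FTP_MARK:-12}"

# Print the rule set, one iptables argument list per line.
ftp_mark_rules() {
    port="$1"
    mark="$2"
    cat <<EOF
-t raw -A PREROUTING -p tcp --dport $port -j CT --helper ftp
-t mangle -A OUTPUT -j CONNMARK --restore-mark
-t mangle -A OUTPUT -m mark --mark 0 -p tcp --sport $port -j MARK --set-mark $mark
-t mangle -A OUTPUT -m mark --mark 0 -m helper --helper ftp -j MARK --set-mark $mark
-t mangle -A OUTPUT -j CONNMARK --save-mark
EOF
}
# Rule by rule:
#  raw/CT        attach the ftp helper to the control connection explicitly
#  restore-mark  copy the connection's stored mark onto the packet first, so
#                packets of an already-marked connection skip the matches below
#  --mark 0      only still-unmarked packets reach the two MARK rules
#  --sport       outbound control-connection packets (server replies)
#  helper ftp    packets of connections the ftp helper expected, i.e. the
#                passive data connections, whatever port the server picked
#  save-mark     store the packet mark on the connection for later packets

# Number of rules generated (sanity check for the set above).
ftp_mark_rule_count() {
    ftp_mark_rules "$1" "$2" | wc -l | tr -d ' '
}

# Install the rules idempotently: "iptables -C" exits 0 when a rule already
# exists, so each rule is appended only once. Pass "show" to print the
# commands instead of running them (no root needed).
apply_ftp_mark_rules() {
    mode="${1:-apply}"
    ftp_mark_rules "$FTP_PORT" "$FTP_MARK" | while IFS= read -r rule; do
        if [ "$mode" = "show" ]; then
            echo "iptables $rule"
            continue
        fi
        check=$(printf '%s\n' "$rule" | sed 's/ -A / -C /')
        # word splitting of $rule/$check is intended here
        iptables $check 2>/dev/null || iptables $rule
    done
}

case "${1:-}" in
    apply|show) apply_ftp_mark_rules "$1" ;;
esac
```

Run `sh ftp-mark.sh show` to review the generated commands and `sudo sh ftp-mark.sh apply` to install them. The `--mark 0` guards matter for the thread's question: without them a packet whose connection already carries the mark would be re-marked on every pass, which is harmless here but hides mistakes when several services are marked from the same chain. To confirm the data connections are being caught, watch `conntrack -L` (or /proc/net/nf_conntrack) for entries with `helper=ftp` on the control session and a non-zero `mark=` on the related data connections while a passive transfer is running.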