???????????????
???????????????????????????ftp???????????ú???????????????????????á????????????????????????????????ftp????????????ftp???????????и?????????????????telnet???????????????????????winscp ??????????????????????????ftp??iptables ???????????ò?????е??????????????????????????????????????????????????????????....??
??????????????
????1.????е??????????м??????1???
????-A INPUT -p tcp -s 192.168.30.0/24 -p tcp -m state NEW --dport 21 -j ACCEPT
????-A INPUT -m state --state ESTABLISHED??RELATED -j ACCEPT
????2.?????????????????????????????ftp????????????????????г?????


????
?1.


????
?2.

????3.??????iptables ??????????У?????????????????????????????????????????Ч?????£?
????sed -i '$ a IPTABLES_MODULES="ip_conntrack_ftp"' /etc/sysconfig/iptables-config
???????????iptables?????????ftp???????????????С?ip_conntrack_ftp?????????????ftp??????
??????????????
????1.?漰???????????????
???????????? client ??????????? port1 ????? server?? 21 ???????server?????21??????????????????client?????????????? port 2???????????????????????????????????????20?????????????????client????????port 2????
???????????????????????????????????ftp ??????20?????port 2 ??????????????????????????????
???????????


???????????????????ο?????

????????????client???????????? ?????ftp server ??21 ??????????PASV????? server ???? client???????clinet ?? ????????????? port 3 ????????????ɡ???? client ????? server ????? ??????ip+port3?? ??????? client ???????????????????? port 4 ???? port 4????????????? port3 ????????client ??server ???????????????????
???????????


???????????????ο?????

????2. ???????????tcpdump ????????????????????????????????????????????