Hi,
Following is the output of iptables -S command
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -s 192.168.0.5/32 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.0.5/32 -p udp -m udp --dport 22 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -p udp -m udp --dport 20 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -p udp -m udp --dport 21 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -s 192.168.0.0/24 -p tcp -m tcp --dport 20 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
I don't understand iptables too much but what I want is that anonymous user can execute ls command on ftp prompt.
/etc/sysconfig/iptables-config file has the following line which I guess is required.
IPTABLES_MODULES="nf_conntrack_ftp nf_nat_ftp"
Still when I log into the ftp user using thourgh anonymous user, I can't do ls.
Following is what I get
ftp> ls
550 Permission denied.
Passive mode refused.
How can I resolve this issue?