About the passive FTP rule
-
Hello friends;
When I try to connect to some FTP addresses (FTP servers that do not use ports 20 or 21), I have connection problems.
For example, I allow certain ports such as 80, 443, the FTP ports and the mail ports, and I block the rest.
But some addresses that provide FTP service, which should be on the FTP port, serve dynamically from changing ports, and since these ports are blocked on my side, this causes trouble.
My sample logs are below. What could be a solution for this?
Attempt 1:
Jan 17 15:59:01 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49673 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:59987 TCP:S
Jan 17 15:59:02 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49673 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:59987 TCP:S
Jan 17 15:59:04 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49673 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:59987 TCP:S
Attempt 2:
Jan 17 15:59:44 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49682 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:49485 TCP:S
Jan 17 15:59:45 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49682 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:49485 TCP:S
Attempt 3:
Jan 17 16:00:20 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49694 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:64034 TCP:S
Jan 17 16:00:21 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49694 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:64034 TCP:S
Jan 17 16:00:23 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49694 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:64034 TCP:S
Attempt 4:
Jan 17 16:01:31 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49701 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:59199 TCP:S
Jan 17 16:01:32 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49701 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:59199 TCP:S
Jan 17 16:01:34 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49701 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:59199 TCP:S
Attempt 5:
Jan 17 16:02:05 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49704 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:7689 TCP:S
Jan 17 16:02:06 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49704 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:7689 TCP:S
Attempt 6:
Jan 17 16:04:02 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49718 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:37155 TCP:S
Jan 17 16:04:03 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49718 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:37155 TCP:S
Jan 17 16:04:05 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49718 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:37155 TCP:S
Attempt 7:
Jan 17 16:05:08 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49721 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:12484 TCP:S
Jan 17 16:05:09 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49721 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:12484 TCP:S
Jan 17 16:05:12 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49721 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:12484 TCP:S
-
You can create a rule for traffic going to the FTP servers and specify a port range, or you can open all the ports as well.
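
Added example, not part of the thread: a Python script that summarizes blocked SYN entries like the ones quoted in the question and derives the parameters of a pass rule limited to the FTP server, instead of opening every port to every destination. The sample log is constructed in the format shown above; the function names, the "LAN net" source label and the 1024 lower bound (unprivileged ports) are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the format of the blocked-traffic log quoted above.
# The last entry keeps the web UI icon text to show that it is ignored.
SAMPLE_LOG = """\
Jan 17 15:59:01 LAN0 172.16.100.100:49673 130.246.19.134:59987 TCP:S
Jan 17 15:59:02 LAN0 172.16.100.100:49673 130.246.19.134:59987 TCP:S
Jan 17 15:59:44 LAN0 172.16.100.100:49682 130.246.19.134:49485 TCP:S
Jan 17 16:00:20 LAN0 172.16.100.100:49694 130.246.19.134:64034 TCP:S
Jan 17 16:02:05 LAN0 172.16.100.100:49704 130.246.19.134:7689 TCP:S
Jan 17 16:04:02 LAN0 Icon Reverse Resolve with DNS Icon Easy Rule: Add to Block List 172.16.100.100:49718 Icon Reverse Resolve with DNS Icon Easy Rule: Pass this traffic 130.246.19.134:37155 TCP:S
"""

# An IPv4 address followed by ":port"; timestamps have no dots and never match.
ENDPOINT = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})")

def summarize_blocked(log_text):
    """Group blocked initial SYNs by destination IP.

    Retransmitted SYNs (same client port, same server port) count once.
    """
    conns = defaultdict(set)  # dst ip -> {(client port, server port)}
    for line in log_text.splitlines():
        endpoints = ENDPOINT.findall(line)
        if len(endpoints) != 2 or not line.rstrip().endswith("TCP:S"):
            continue  # skip anything that is not a blocked connection attempt
        (_, sport), (dst, dport) = endpoints
        conns[dst].add((int(sport), int(dport)))
    summary = {}
    for dst, pairs in conns.items():
        dports = sorted(d for _, d in pairs)
        summary[dst] = {"connections": len(pairs),
                        "min_port": dports[0], "max_port": dports[-1]}
    return summary

def scoped_rules(summary, floor=1024):
    """One pass rule per FTP server: fixed destination, high ports only.

    The observed ports are server-chosen passive data ports, so the range is
    not narrowed to what was seen; the destination is what limits the rule.
    """
    return [{"action": "pass", "proto": "tcp", "source": "LAN net",
             "destination": dst, "dst_ports": (floor, 65535)}
            for dst, s in sorted(summary.items()) if s["min_port"] >= floor]

if __name__ == "__main__":
    stats = summarize_blocked(SAMPLE_LOG)
    print(stats)
    print(scoped_rules(stats))
```

In the sample the data ports run from 7689 to 64034, so the logs alone do not reveal a tighter range; a narrower one is only safe if the server operator publishes its passive port range.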