[Zope] iptables rules for zope webserver

Jianping Zhu zjp@arches.uga.edu
Sun, 1 Dec 2002 22:51:32 -0500 (EST)


I have a redhat linux 7.1 server with a zope websever on it. I use
iptables
as firewall. following is the iptables rules for zope: 

#===========================================================
## Zope
iptables -= INPUT -i $IFACE -p tcp --dport 8080 -j ACCEPT

# Allow inbound ftp
iptables -A INPUT  -i $IFACE -p tcp --dport 8021 -m state --state \
 NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o $IFACE -p tcp --storc 8021 -m state --state \
 ESTABLISHED -j ACCEPT
#=======================================================================

I am trying to use ws_ftp to send files to zope sever via port 8021 ( in
ws_ftp
session property->advanced i set remote port as 8021 and checked passive
transfers).  If I stop iptables, i can conect to zope via ftp (port 8021)
and ftp files to zope. If the iptables is on,  it still can connect to
zope but i can not see the directories in the remote site text filed of
the ws_ftp
windows. it seems that it can connect to zope but can not display the
directories in zope. and i failed to ftp it the zope server.
Therefore, i believe the above iptalbles rules for zope have problem. how
can i
fix this problem and let zope ftp work?
Any suggestion will be greatly appreciated.

Jianping