Streamlining Iptables for FTP and SMB/CIFS Traffic

There is an article at nixCraft on Connecting a Linux or UNIX system to Network attached storage device. The article itself is a good one, except for the part about iptables firewall rules to permit FTP and SMB/CIFS traffic between the Linux client and NAS. The errors are common misconceptions, so I thought I'd mention them, and show the standard iptables usage.

First, iptables, along with all modern firewalling systems, is a stateful firewall. That means it will record the "state" of new network connections, and allow future packets that are related to or part of an established connection to traverse the firewall rules. While iptables can be used as a simple packet filter, it is usually not, since using it in this way results in more complex, less secure firewall rulesets.
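As an added illustration of the stateful approach described above (not taken from this article or from nixCraft), the shell function below prints an iptables-restore ruleset for a client that talks FTP and SMB/CIFS to a single NAS. The function name, the default-deny policies, the standard ports 21, 139 and 445, and the placeholder address 192.0.2.10 are assumptions.

```shell
#!/bin/sh
# Added example (not from the original article). Prints an iptables-restore
# ruleset for a Linux client that uses FTP and SMB/CIFS against one NAS.

# The body runs in a subshell so the IFS change below stays local.
nas_client_rules() (
    nas=$1
    # Only a dotted-quad IPv4 address may be interpolated into the ruleset.
    case $nas in
        ''|*[!0-9.]*|.*|*.|*..*) echo "invalid NAS address" >&2; exit 1 ;;
    esac
    IFS=.; set -- $nas
    [ $# -eq 4 ] || { echo "invalid NAS address" >&2; exit 1; }
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] ||
            { echo "invalid NAS address" >&2; exit 1; }
    done

    cat <<EOF
*raw
# Attach the FTP conntrack helper (nf_conntrack_ftp) to the control channel,
# needed where the kernel does not assign helpers automatically.
-A OUTPUT -p tcp -d $nas --dport 21 -j CT --helper ftp
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
# Stateful core: replies and helper-tracked FTP data connections (RELATED)
# are accepted here, so no --sport rules or open high-port ranges are needed.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Only connection setup toward the NAS is listed explicitly.
-A OUTPUT -p tcp -d $nas --dport 21 -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -p tcp -d $nas -m multiport --dports 139,445 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
EOF
)

# Dry-run check before loading (192.0.2.10 is a placeholder address):
#   nas_client_rules 192.0.2.10 | iptables-restore --test
```

The default-deny OUTPUT policy covers only the NAS traffic, so a real host would add its other outbound services (DNS, NTP and so on) in the same NEW-only style.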
