Linux Bash: Setting iptables rules to allow both active and passive FTP

Question

I have a PC on which I have a FTP server installed. I want to set the iptables rules to allow both active and passive FTP. I\'ve tried the following code that people report is w

Answer 1

That code ONLY allows incoming and outgoing FTP connections. It doesn't allow anything else in/out.

 $IPT -P INPUT DROP

Drops all incoming traffic. So if you start with that, you'll want to enable traffic into any other services you have running that you'd like to allow in. .

 $IPT -A INPUT  -p tcp --sport 21 -m state --state NEW,ESTABLISHED -j ACCEPT
 $IPT -A OUTPUT -p tcp --dport 21 -m state --state ESTABLISHED -j ACCEPT

This rule would allow incoming FTP traffic.

An explanation of what this script is/does is it deletes all of your existing IP Tables chains, then it adds rules to allow all outgoing traffic and block all incoming traffic except for FTP.