FreeBSD / OpeBSD Running in KVM Does Not Accept FTP Traffic

last updated in Categories

I‘ve setup FreeBSD and OpenBSD under KVM. Everything works great except ftp protocol. I’ve no firewall installed inside FreeBSD and OpenBSD. How do I configure Linux host KVM firewall to allow ftp traffic?

You need to configure iptables to allow all traffic to be forwarded across the bridge from KMV guest. There are two options here:

Option #1: Configure Iptables

Type the following command as root user on KVM host (RHEL / CentOS host system):

/sbin/iptables -I FORWARD -m physdev --physdev-is-bridged -j ACCEPT
/sbin/service iptables save
/sbin/service iptables restart

Option #2: Disable Iptables On Bridges

Edit /etc/sysctl.conf, enter:
# vi /etc/sysctl.conf
Append the following config directives:

# Disable iptables on bridges so that ftp will work
net.bridge.bridge-nf-call-ip6tables = 0
net.bridge.bridge-nf-call-iptables = 0
net.bridge.bridge-nf-call-arptables = 0

Save and close the file. Reload the changes:
# sysctl -p

This entry is 10 of 14 in the CentOS / Redhat (RHEL) KVM Virtulization series. Keep reading the rest of the series:
  1. CentOS / Redhat: Install KVM Virtualization Software
  2. CentOS / Redhat: KVM Bridged Network Configuration
  3. KVM virt-manager: Install CentOS As Guest Operating System
  4. KVM virt-install: Install FreeBSD / CentOS As Guest Operating System
  5. KVM: Install CentOS / RHEL Using Kickstart File (Automated Installation)
  6. Troubleshooting KVM Virtualization Problem With Log Files
  7. KVM Virsh: Redirect FreeBSD Console To A Serial Port
  8. KVM: Starting / Stopping Guest Operating Systems With virsh Command
  9. Linux KVM: Disable virbr0 NAT Interface
  10. FreeBSD / OpeBSD Running in KVM Does Not Accept FTP Traffic
  11. KVM: Start a Virtual Machine / Guest At Boot Time
  12. KVM virt-install: Install OpenBSD As Guest Operating System
  13. Linux KVM: OpenBSD Guest Hangs At Starting tty Flags
  14. KVM Virtualization: Start VNC Remote Access For Guest Operating Systems

Get 15% off on Linux Foundation certified SysAdmin, Progamming, Kubernetes/Containers and Open Stack certification & course. Use "SPLASH15" coupon code. Offer expires on August 27, 2018
training.linuxfoundation.org

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Tagged as: Tags , , , , , , , , , , ,