Re: FTP through ipmasq
Hiyas,
I joined this thread late but I think you're probably looking for
something like this:
# iptables -A FORWARD -m STATE --state NEW -i ${INSIDE_DEVICE} \
--dport 21 -j ACCEPT
# iptables -A FORWARD -m STATE --state ESTABLISHED,RELATED -j ACCEPT
That should allow new connections to to port 21 (ftp) and allow an
established ftp connection to transmit data in both directions.
HTH,
Lucas
On Mon, Aug 26, 2002 at 10:12:56PM -0700, Paul Johnson wrote:
> On Tue, Aug 27, 2002 at 12:57:32AM -0400, Simon Law wrote:
> > Make sure you are telling iptables that you want to accept
> > ESTABLISHED and RELATED connexions. This will enable active FTP
> > support, if you have the FTP connexion tracking module enabled.
>
> OK...I haven't gotten into stateful firewalling much yet...could I get
> an example?
>
> - --
> Baloo
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (GNU/Linux)
>
> iD8DBQE9awpXNtWkM9Ny9xURAmRNAKCLz3TE8IvLGWPagAje0o+kc4h+QwCfVFRv
> lKgsOPVfViuCHc0IUaFeMUw=
> =bfZ5
> -----END PGP SIGNATURE-----
>
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: