On Thu, Dec 19, 2002 at 04:58:53PM +1100, Rob Weir wrote:
> Yes, there is. iptables has modules for ftp (to support non-passive
> mode) and irc (to support dcc, etc). They're called
> ipt_{conntrack,nat}_{irc,ftp}, IIRC.
Does this work automagically once inserted, or is there some trick to
iptables to prod it into service? I suspect the latter is true, as
I've tried it with just inserting the modules and it didn't work as expected.
> There're no ICQ modules, because
> a) stateful firewalling mostly obviates the need for this, and b) the
> NetFilter folks have a policy that they won't write or support modules
> for protocols that don't have at least one working Free client and
> server.
Someone should go tell the netfilter folks about the jabber icq server
and the licq client sometime.
--
.''`. Baloo <baloo@ursine.dyndns.org>
: :' : proud Debian admin and user
`. `'`
`- Debian - when you have better things to do than to fix a system
Attachment:
pgpvusLQjKiVs.pgp
Description: PGP signature