On Wed, Sep 18, 2002 at 07:47:27PM +0200, Harald T. Zipko wrote: > strange problem: clients connected to the internet via the mdk 8.2 box > (dhcp-server) are not allowed to download files via ftp from the > internet; other services are working without any problems (eg email > transfer, browsing...) - do I have to open a special port in order to > enable ftp download through the mdk-box (ftp download disabled due to standard >"firewall" > settings...)?
Set the clients to use PASV or Passive transfers in ftp and it ought to work. The other option is to load the ftp helper module ip_conntrack_ftp and allow related connections in your iptables rule sets. ala: -A FORWARD -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT Searching google for some the conntrack module and RELATED and iptables should yield some useful results. -- Ben Reser <[EMAIL PROTECTED]> http://ben.reser.org Never take no as an answer from someone who isn't authorized to say yes.