Hello all,

My home-brew iptables firewall has a problem with apt-get using the ftp method. I get this sort of thing in the log:-

Sep 9 10:19:21 elm kernel: OUTPUT_DENY_ALL:IN= OUT=ppp0 SRC=203.91.66.233 DST=203.8.116.111 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 PROTO=TCP SPT=3299 DPT=51738 WINDOW=5840 RES=0x00 SYN URGP=0

As you can see the packet to the mirror has SPT 3299 DPT 51738 neither of which is a well known port. I can use ncftp ok with passive set either on or off.

So just what is happening here? The port numbers change with each invocation of apt-get, so a specific rule is not possible. How can I fix it?

Any help will be much appreciated.

Lindsay

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Lindsay Allen <[EMAIL PROTECTED]> Perth, Western Australia
voice +61 8 9316 2486, 0403 272 564 32.0125S 115.8445E
Debian Linux
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

