Dear Sir/Madam,

I have a Linux box (sarge) as router/firewall in my organization. At the moment that Linux box has 3 ethernet cards as follows:

    eth0 with public IP
    eth1 private subnet
    eth2 DMZ and WiFi

I use iptables to forward traffic from Intranet to Internet and vice versa using a rule such as

    iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source $SERV_EXT

I also enable specific services with rules such as

    iptables -A INPUT -i eth2 -s 192.168.3.0/24 -p tcp --dport 22 -m state --state NEW -j ACCEPT

or

    iptables -A FORWARD -i eth1 -o eth0 -p tcp --dport 80 -m state --state NEW -j ACCEPT

For any chain I let ESTABLISHED and RELATED connection...

    iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

and, at the end of each chain (INPUT, OUTPUT and FORWARD), I put

    iptables -A INPUT -j DROP

My problem is that I am not able to enable ftp connections ...

Could you help me, please?

Thanks,
fabrizio.
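
Added example, not part of the original message: a small audit that checks a rule list and a module list for the pieces FTP needs behind a stateful SNAT firewall (a NEW accept for the control port, RELATED accepted for the data channel, and the conntrack/NAT FTP helpers). The rule list is reconstructed from the post, the module list is constructed sample data, and the helper module names (ip_conntrack_ftp/ip_nat_ftp, called nf_conntrack_ftp/nf_nat_ftp on later kernels) and function names are assumptions not taken from the post.

```sh
#!/bin/sh
# Rules as described in the post, one per line (constructed input; the final
# FORWARD drop follows the poster's "at the end of each chain").
RULES='-t nat -A POSTROUTING -o eth0 -j SNAT --to-source $SERV_EXT
-A FORWARD -i eth1 -o eth0 -p tcp --dport 80 -m state --state NEW -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -j DROP'
# Constructed stand-in for the module names in the first column of /proc/modules.
MODULES='ip_tables iptable_filter iptable_nat ip_conntrack ipt_state'

# accepted_before_drop RULES REGEX: succeed if a FORWARD ACCEPT rule matching
# REGEX comes before the catch-all DROP (iptables stops at the first match).
accepted_before_drop() {
    printf '%s\n' "$1" | awk -v re="$2" '
        /-A FORWARD/ && /-j ACCEPT/ && $0 ~ re { ok = 1; exit }
        /-A FORWARD -j DROP/ { exit }
        END { exit (ok ? 0 : 1) }'
}

# has_module LIST NAME: succeed if NAME is a whole word in the space-separated LIST.
has_module() { case " $1 " in *" $2 "*) return 0 ;; esac; return 1; }

# ftp_audit RULES MODULES: print one line per missing piece, nothing if complete.
ftp_audit() {
    # Control channel: tcp/21 in state NEW (rule style as used in the post).
    accepted_before_drop "$1" '--dport 21 .*NEW' ||
        echo "FORWARD: no NEW accept for tcp/21 before DROP"
    # Data channel: the FTP helper marks it RELATED to the control connection.
    accepted_before_drop "$1" 'RELATED' ||
        echo "FORWARD: RELATED not accepted before DROP"
    # Without the helper, data connections are never classified as RELATED.
    has_module "$2" ip_conntrack_ftp || has_module "$2" nf_conntrack_ftp ||
        echo "module: FTP conntrack helper not loaded"
    # With SNAT/MASQUERADE the addresses inside PORT/PASV must be rewritten too.
    case $1 in *SNAT*|*MASQUERADE*)
        has_module "$2" ip_nat_ftp || has_module "$2" nf_nat_ftp ||
            echo "module: FTP NAT helper not loaded" ;;
    esac
    return 0
}

ftp_audit "$RULES" "$MODULES"
```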