-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Help... I have the following in my firewall startup script: /sbin/modprobe nf_conntrack_ftp $IPTABLES -A INPUT -p tcp --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT $IPTABLES -A PREROUTING -t nat -p tcp -i $IFACE --dport 21 -j DNAT - --to 10.1.1.32:21 $IPTABLES -A OUTPUT -p tcp --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT # Active $IPTABLES -A INPUT -p tcp --sport 20 -m state --state ESTABLISHED,RELATED -j ACCEPT $IPTABLES -A PREROUTING -t nat -p tcp -i $IFACE --sport 20 -j DNAT - --to 10.1.1.32:20 $IPTABLES -A OUTPUT -p tcp --dport 20 -m state --state ESTABLISHED - -j ACCEPT # Passive $IPTABLES -A INPUT -p tcp --sport 1024: --dport 1024: -m state - --state ESTABLISHED -j ACCEPT $IPTABLES -A PREROUTING -t nat -p tcp -i $IFACE --dport 1024: -j DNAT --to 10.1.1.32 $IPTABLES -A OUTPUT -p tcp --sport 1024: --dport 1024: -m state - --state ESTABLISHED,RELATED -j ACCEPT I am trying to forward public internet ftp traffic to a machine behind my firewall. Anyone have this working? Mine is failing and I have no real debug info to explain why.... Robert - -- :wq! ==================================================================== Robert L. Harris | GPG Key ID: E344DA3B @ x-hkp://pgp.mit.edu DISCLAIMER: These are MY OPINIONS With Dreams To Be A King, ALONE. I speak for First One Should Be A Man no-one else. - Manowar -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) iD8DBQFJOWZz8+1vMONE2jsRAiGhAKDegPgFRU+X7CDblJAvkPIemPHu7ACgwJo3 8K6ABSfK+3JJIgFEbK2IsxA= =kAMe -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]