Hello, I have a linux 2.2 machine which masquerades an internal network to the internet. I want passive and active mode ftp to the internet and web access to work, but nothing else. I've added chains to masquerade packets sent to ports 20, 21 and 80, which is fine for web and active mode ftp, but as the last rule in my chain is deny by default, passive mode requests get dropped even with ip_masq_ftp.o loaded. Is there any way to tell ipchains to masquerade any packets which are part of an ftp session, regardless of which ports they request, and drop all other (non-ftp or http) packets? Thanks, peter CONFIDENTIAL NOTICE This communication contains information which is confidential and may also be privileged. It is for the exclusive use of the intended recipient(s). If you are not the intended recipient please note that any distribution, copying or use of this communication or the information in it is strictly prohibited. If you received this communication in error, please notify us by e-mail or by telephone (020 7770 7000) and then delete the e-mail and any copies of it. - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
