You might want to try reading this info. ftp://ftp.echogent.com/docs/FTP_and_Firewalls.pdf
The problem is that if you nat your internal ftp server which I gamble you are doing the ports aren't opened up by the firewall because he Has no idea he has to do so. As far as the ip_nat_ftp & ip_conntrack modules go I always assumed they made it possible for you to connect out to a natted ftp-server Not ftp to the inside. (I might be wrong on this though) Kim Oppalfens -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dominik Strnad Sent: zaterdag 28 juni 2003 0:22 To: [EMAIL PROTECTED] Subject: [leaf-user] IPtables ftp traffic problems on Bearing 1.2 Helo, I just find out shorewall - IPtables problem when hadling ftp connection. I am using masq to internet. When I create ftp conection from loc firewall will froze - probably kernel panic - sorry I have not VGA card in it. For testing pusposes I set to ACCEPT all trafic from loc to net. # iptables -V iptables v1.2.8 # shorewall version 1.4.5 I am using ip_nat_ftp.o and ip_conntrack_ftp.o modules distributed with Bearing 1.2 I also test to set NAT my PC in loc to a address on net interface and I've tried to connect from internet to ftpd running on my PC. With same results - firewall hang up. (For this test I set policies to ACCEPT all trafic from net to loc) Do anybody know where is the problem? Thank you very much Regards. LTOW ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
smime.p7s
Description: S/MIME cryptographic signature
