My IPTABLES rules include a rule for what IP addresses I
allow FTP connections from,

   ## Allowed FTP clients listed here:
   $IPTABLES -A ALLOW_PORTS_I_EXT -p tcp -s www.xxx.yyy.zzz --dport 21 -j ACCEPT


and then rules of the sort

   ## Accept Established, Related.
   $IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT           
for both input and output to allow the data connection.

PROBLEM:
If I just run the IPTABLES rules, and then try to connect from the 
outside, I can connect, but trying to do a 'dir' produces no output.
Clearly the data connection is being refused.

If I then do a /sbin/modprobe ip_conntrack_ftp and try again, everything
works fine.

So how should this module be getting loaded?
I can always build IPTABLES into the kernel rather than leaving it as
modules, but I'd like to know what's wrong with my current setup.
Is something missing from modules.conf or what?


-- 
                                        Reg.Clemens
                                        [EMAIL PROTECTED]
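
One way to remove the dependence on a manual modprobe, as an added example that is not part of the original post: the firewall script checks for ip_conntrack_ftp and loads it before the rules are applied. The function names, the MODULES_FILE and MODPROBE variables and the sample module lists are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Function names, MODULES_FILE and
# MODPROBE are assumptions made for this sketch.
MODULES_FILE="${MODULES_FILE:-/proc/modules}"
MODPROBE="${MODPROBE:-/sbin/modprobe}"

# Return 0 if module $1 is the first field of some line in $2
# (a /proc/modules-format file). A helper compiled into the kernel
# never appears there, so this check only applies to modular builds.
module_loaded() {
    awk -v m="$1" '$1 == m { found = 1 } END { exit !found }' "$2"
}

# Load the FTP conntrack helper if it is missing, then confirm it is present.
# Call this before the $IPTABLES commands: without the helper, the data
# connection is never classified as RELATED and the state rule cannot match it.
ensure_ftp_helper() {
    module_loaded ip_conntrack_ftp "$MODULES_FILE" && return 0
    "$MODPROBE" ip_conntrack_ftp || return 1
    module_loaded ip_conntrack_ftp "$MODULES_FILE"
}

# Constructed samples of a module list, before and after loading the helper.
SAMPLE_BEFORE=$(mktemp)
SAMPLE_AFTER=$(mktemp)
printf '%s\n' 'ipt_state 1080 1' 'ip_conntrack 29696 1 [ipt_state]' \
    'ip_tables 15096 2 [ipt_state]' > "$SAMPLE_BEFORE"
{ echo 'ip_conntrack_ftp 5296 0 (unused)'; cat "$SAMPLE_BEFORE"; } > "$SAMPLE_AFTER"

for f in "$SAMPLE_BEFORE" "$SAMPLE_AFTER"; do
    if module_loaded ip_conntrack_ftp "$f"; then
        echo "helper loaded: RELATED can match FTP data connections"
    else
        echo "helper missing: 'dir' produces no output"
    fi
done
```

In a real firewall script, call ensure_ftp_helper near the top and abort if it returns non-zero, so the rules are never installed without the helper.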


