Aloha, I have a single interface and run the following iptables commands; everything works as it should (there are some more services with UDP):

iptables -N allowed
iptables -A allowed -j ACCEPT
iptables -A INPUT -p TCP --dport 22 -j allowed
iptables -A INPUT -p TCP --dport 21 -j allowed
iptables -A INPUT -p UDP --dport 68 -j allowed
iptables -A INPUT -m state --state RELATED -j allowed
iptables -A INPUT -m state --state ESTABLISHED -j allowed
iptables -A INPUT -j DROP

I can also log in via ssh and connect to ftp, but scp and ftp auth don't work. I understand that they negotiate a new port and that the firewall doesn't see the exchange of that data and therefore can't get the state engine set to related or established. For ftp I loaded the conntrack module ... (I know it's for NAT, but I hoped :) ) but it didn't work.

My question is how I can, with only a few lines, get this to work.

with regards
Mark Strasheim
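
Added example, not part of the original post: a small Python model of first-match evaluation over the posted ruleset, showing that a packet to an unlisted port is accepted only when connection tracking has labelled it RELATED or ESTABLISHED. The packet values (including port 50000) are constructed, the helper names are hypothetical, and the model covers only the options used in the post.

```python
import shlex

# The ruleset from the post, verbatim.
RULESET = """\
iptables -N allowed
iptables -A allowed -j ACCEPT
iptables -A INPUT -p TCP --dport 22 -j allowed
iptables -A INPUT -p TCP --dport 21 -j allowed
iptables -A INPUT -p UDP --dport 68 -j allowed
iptables -A INPUT -m state --state RELATED -j allowed
iptables -A INPUT -m state --state ESTABLISHED -j allowed
iptables -A INPUT -j DROP
"""
# Only the options that appear in the post are modelled.
FIELDS = {"-p": "proto", "--dport": "dport", "--state": "state", "-j": "target"}

def parse(ruleset):
    """Turn the commands into {chain: [(match_dict, target), ...]}."""
    chains = {"INPUT": []}
    for line in ruleset.splitlines():
        args = shlex.split(line)[1:]            # drop the "iptables" word
        if args[0] == "-N":                     # new user-defined chain
            chains[args[1]] = []
            continue
        chain, opts = args[1], args[2:]         # args[0] is "-A"
        rule = {}
        for flag, value in zip(opts[::2], opts[1::2]):
            if flag in FIELDS:
                rule[FIELDS[flag]] = value.lower() if flag == "-p" else value
        chains[chain].append((rule, rule.pop("target")))
    return chains

def verdict(chains, packet, chain="INPUT"):
    """First matching rule wins; a jump into a user chain is followed."""
    for match, target in chains[chain]:
        if all(str(packet.get(k)) == v for k, v in match.items()):
            if target in ("ACCEPT", "DROP"):
                return target
            result = verdict(chains, packet, target)
            if result:
                return result
    return None                                 # end of chain, no verdict

CHAINS = parse(RULESET)

def check(proto, dport, state):
    """Verdict for one constructed packet (state as conntrack reports it)."""
    return verdict(CHAINS, {"proto": proto, "dport": dport, "state": state})

if __name__ == "__main__":
    for pkt in [("tcp", 22, "NEW"), ("tcp", 50000, "NEW"), ("tcp", 50000, "RELATED")]:
        print(pkt, "->", check(*pkt))
```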

