Remember the ftp conntrack and nat kernel modules don't autoload.. Do modprobe ip_nat_ftp to load both. Set this in your /etc/init.d/iptables script (or wherever you start your iptables script from)
Regards, Peter. On Wed, 2004-06-09 at 21:30, hubix wrote: > Hello, > In first, thnks for your help... > my firewall is configure to accept established connections, default > policies is drop, and log before drop... > and curiously, there are no packets dropped when ftp connection tries... > I have already tried to insert, for 1s, ACCEPT rule in forward table, > and there is no change. > I will try xinetd configuration > Sorry. >
