On 2005-08-31 Fabrizio Sannicolo' wrote:
> I use iptables to forward traffic from Intranet to Internet and
> vice versa using a rule such as
>
> iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source $SERV_EXT
[...]
> for any chain I let ESTABLISHED and RELATED connection...
>
> iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
>
> and, at the end of each chain (INPUT, OUTPUT and FORWARD), I put
>
> iptables -A INPUT -j DROP

That's what the default policies are for:

iptables -P INPUT DROP

> my problem is that I am not able to enable ftp connections ...

You'll need connection tracking, since FTP uses two channels, one of
which is dynamically determined when establishing the connection.

Regards
Ansgar Wiechers
-- 
"Another option [for defragmentation] is to back up your important files,
erase the hard disk, then reinstall Mac OS X and your backed up files."
--http://docs.info.apple.com/article.html?artnum=25668
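An added example, not part of the original message: the data-channel endpoint is announced inside the control channel (a client PORT command or a server 227 reply), and this is the information an FTP connection-tracking helper has to read before the second connection can match the RELATED rule quoted above. The function names and the sample lines are constructed for illustration.

```python
import re

# Six comma-separated decimal octets: h1,h2,h3,h4,p1,p2 (RFC 959).
_HOSTPORT = re.compile(
    r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def parse_data_endpoint(line):
    """Return (mode, ip, port) for a PORT command or 227 reply, else None."""
    text = line.strip()
    if text.upper().startswith("PORT "):
        mode = "active"       # server will connect back to the client
    elif text.startswith("227"):
        mode = "passive"      # client will open a second connection to the server
    else:
        return None
    m = _HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None           # malformed announcement, ignore it
    ip = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]   # port is sent as two bytes: high, low
    return mode, ip, port


def expected_data_connections(control_lines):
    """Collect every data-channel endpoint announced on one control channel."""
    found = []
    for line in control_lines:
        endpoint = parse_data_endpoint(line)
        if endpoint:
            found.append(endpoint)
    return found


# Constructed sample control-channel traffic (TCP port 21), not a real capture.
SAMPLE = [
    "USER anonymous",
    "331 Please specify the password.",
    "PORT 192,168,1,10,195,80",
    "200 PORT command successful.",
    "227 Entering Passive Mode (203,0,113,5,78,52).",
]

if __name__ == "__main__":
    for mode, ip, port in expected_data_connections(SAMPLE):
        print(f"{mode}: data channel at {ip}:{port}")
```

Neither port (50000 or 20020 in the sample) could be known from a static rule set, and the private address in the PORT line also shows why a client behind SNAT needs that payload rewritten as well as tracked.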

