hello, ##Control connection ( port 21) -A FORWARD -i $LAN -o $EXT -m state --state NEW,ESTABLISHED,RELATED -p tcp -m multiport --dports 21 -j ACCEPT -A FORWARD -i $EXT -o $LAN -m state --state ESTABLISHED,RELATED -p tcp -m multiport --sports 21 -j ACCEPT
##Data connection -A FORWARD -i $EXT -o $LAN -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -i $LAN -o $EXT -m state --state ESTABLISHED -p tcp -j ACCEPT FORWARD default policy is DROP ------------------ With this rules i can't start data connection but control connection work in Active ftp (standard mode) My server try to work in passive mode because try to connect the ftp server via port > 1024 such as 5049, .... after control connection for data transfer thanx -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
