bisoir, J'ai charg� pas mal de modules pour iptables notamment pour le ftp : # lsmod .... ip_nat_ftp 2944 0 (unused) iptable_nat 12660 3 [ipt_REDIRECT ipt_MASQUERADE ip_nat_irc ip_nat_ftp] ip_tables 10432 21 [ipt_REJECT ipt_multiport ipt_length ipt_tos ipt_owner ipt_limit ipt_LOG ipt_unclean ipt_MIRROR ipt_state ipt_TOS ipt_mark ipt_mac ipt_REDIRECT iptable_filter ipt_MARK iptable_mangle ipt_MASQUERADE iptable_nat] ip_conntrack_ftp 3200 0 (unused) ip_conntrack 12684 4 [ipt_state ipt_REDIRECT ipt_MASQUERADE ip_nat_irc ip_conntrack_irc ip_nat_ftp iptable_nat ip_conntrack_ftp]
Pourquoi ip_conntrack_ftp ip_nat_ftp sont unused ??? dans mon script iptables je mets : #ftp $IPT -A INPUT -i ppp0 -p tcp --sport ftp -m state --state ESTABLISHED -j ACCEPT $IPT -A OUTPUT -o ppp0 -p tcp --dport ftp -m state --state NEW,ESTABLISHED -j ACCEPT $IPT -A INPUT -i ppp0 -p tcp --sport ftp-data -m state --state ESTABLISHED,RELATED -j ACCEPT $IPT -A OUTPUT -o ppp0 -p tcp --dport ftp -m state --state NEW,ESTABLISHED -j ACCEPT $IPT -A INPUT -i ppp0 -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT $IPT -A OUTPUT -o ppp0 -p udp -m state --state ESTABLISHED -j ACCEPT $IPT -A INPUT -i ppp0 -p tcp -m state --state ESTABLISHED -j ACCEPT $IPT -A OUTPUT -o ppp0 -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT ca qui athorise tout le udp et tcp rentrant pourtant ca foire.... Mais ou est le prbleme ?? Ai-je oubli� un module ??? Merci d'avance ;-) -- gcolpart web site : http://gcolpart.dyndns.org
