Will do - I had hoped that I could have used an existing script - but time to advance
as the improved features come to hand :-)
Richard S
>>> Theuns Verwoerd <[EMAIL PROTECTED]> 07/16 2:23 >>>
Greetings
> I am setting up a firewall using ipchains and RedHat 7.2 . Previously when
> doing this type of thing (RedHat 6.2 boxes) , I have had to use a module
> ftp-masq.o to allow ftp connections with masquerading.
>
> It appears that 7.2 does not have this module (built in?) but I cannot
> establish complete ftp sessions, that is I can connect, but cannot do for
> example ls to get the file list from the ftp site.
>
> Running an ftp session via Web browser is fine (uses the alternative ftp
> data method, not port 20?), but a standard session (from the command line)
> does not work (unable to set up PORT).
Redhat 7.2 uses the 2.4 kernel - under which the ipchains module is for
backward compatibility. The native packet filter is iptables - I
recommend changing to that if you are constructing a new firewall. It's a
lot more flexible, and that's where new features will probably go.
Have a look at netfilter.samba.org for more details.
Theuns
KRN
-------------------------------------------------------------
Theuns Verwoerd 27 Nazareth Avenue
Software Engineer PO Box 8011
Allied Telesyn Research Christchurch
phone +64 3 339 3000 New Zealand
fax +64 3 339 3002 email: [EMAIL PROTECTED]
web: http://www.alliedtelesyn.co.nz/
-------------------------------------------------------------
