/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
On Thu, 21 Dec 2000 09:39:18 -0600, Daniell Freed <[EMAIL PROTECTED]>
wrote:
>I'm not conviced this is the problem, but it may be related. I am not useing
>ncftp, I am using the basic Linux ftp client from the console.
>
>If I turn on passive mode this will correct the problem, but that shouldn't be
>needed if the ip_masq_ftp module is working correctly. Passive mode tells the
>server not use the data connection so that ftp works in environments where
>firewalls prevent it from working normally.
right.
>Do we need to have a rule explicitly in our IPCHAINS input chain that accepts
>all connection attempts from anywhere on port 20 to make this work (something
>like ipchains -A input -p TCP -i $externalinterface -s 0/0 20 -d $externalip -y
>-l -j ACCEPT )? Or should it work without this? This rule does fix the
>problem, but should I need it if I am using the ip_masq_ftp module?
i thought, this would be done automagically by the ip_masq_ftp module.
jan
---
Jan Stifter
http://www.medres.ch/~jstifter/
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
