Title: RE: active ftp queries

Hi Michael,

If you're tracking ftp on a non-standard port, you must tell
the ftp conntracker about it when you load it (as a module) or
when you boot the kernel, e.g.:

modprobe ip_conntrack_ftp ports=21,15555
modprobe ip_nat_ftp ports=21,15555

Did you do this?

Regards,
Filip

-----Original Message-----
From:   Michael Hayes [mailto:[EMAIL PROTECTED]]
Sent:   Wed 3/04/2002 8:58
To:     [EMAIL PROTECTED]
Cc:    
Subject:        active ftp queries

G'day,

I have a problem which I'm hoping someone might be able to help me with.  I
have a masq box with a /24 network behind it.  I'm trying to get active ftp
working on a windows client behind the firewall.  The ftp server is not in
my control and connects on 15555 with 15554 used for data.  Now I assume
that I have to use the ESTABLISHED, RELATED clauses in my rulesets, but for
the life of me I can't get it to work.

I can connect and run an ls from the masq box, but from a windows machine
behind this I have no luck.  I have also looked at
http://www.cs.princeton.edu/~jns/security/iptables/iptables_conntrack.html
but can't get it to work with the FORWARD rules.

Any help / examples would be really appreciated.

Thanks in advance and sorry if this is the wrong forum for such questions.

Mick Hayes
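
Added example, not part of the original thread: a shell sketch of the setup discussed above, loading the FTP helpers for control port 15555 and forwarding active-mode data connections through ESTABLISHED,RELATED rules. The interface names (eth0, eth1), the 192.168.1.0/24 LAN and the otherwise empty FORWARD chain are assumptions; the script only prints the commands unless APPLY=1 is set.

```shell
#!/bin/sh
# Assumed names (not from the thread): eth0 = Internet side, eth1 = LAN side,
# 192.168.1.0/24 = the /24 behind the masq box. Assumes an empty FORWARD chain.
WAN_IF=${WAN_IF:-eth0}
LAN_IF=${LAN_IF:-eth1}
LAN_NET=${LAN_NET:-192.168.1.0/24}
FTP_PORTS=${FTP_PORTS:-21,15555}   # control ports, as in the modprobe lines above

# Dry run by default: print each command; execute only when APPLY=1 (as root).
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# Accept only a non-empty comma-separated list of ports in 1..65535.
valid_ports() {
    [ -n "$1" ] || return 1
    for p in $(echo "$1" | tr ',' ' '); do
        case $p in ''|*[!0-9]*) return 1 ;; esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || return 1
    done
}

ftp_masq_rules() {
    valid_ports "$FTP_PORTS" || { echo "bad port list: $FTP_PORTS" >&2; return 1; }

    # The helpers only parse PORT commands on the control ports they are told about.
    run modprobe ip_conntrack_ftp ports="$FTP_PORTS"
    run modprobe ip_nat_ftp ports="$FTP_PORTS"

    run iptables -P FORWARD DROP
    # Replies, plus the server's inbound data connection, which the helper marks RELATED.
    run iptables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -m state --state ESTABLISHED,RELATED -j ACCEPT
    # New control connections from the LAN, one rule per control port.
    for port in $(echo "$FTP_PORTS" | tr ',' ' '); do
        run iptables -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -s "$LAN_NET" \
            -p tcp --dport "$port" -m state --state NEW -j ACCEPT
    done
    # Everything else outbound must belong to a connection already being tracked.
    run iptables -A FORWARD -i "$LAN_IF" -o "$WAN_IF" -m state --state ESTABLISHED,RELATED -j ACCEPT
    run iptables -t nat -A POSTROUTING -o "$WAN_IF" -s "$LAN_NET" -j MASQUERADE
}

ftp_masq_rules
```

No rule names data port 15554: the inbound data connection is accepted only because the helper has seen the client's PORT command on 15555 and registered it as RELATED.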



