Joe,

I'm not sure what exactly ftp_conntrack and ftp_nat do internally, and I'm not a kernel hacker to just go ahead and read the code to figure this out, but it might very well be the case that either of these modules is scanning through the ftp dialog to gather the necessary information for further conntrack/nat processing of the ftp session. As it's very odd that a TCP segment with only 'P' goes through as opposed to 'PASS...', it can be that the code cannot deal with this partial dialog. This is just a hunch. Kernel hackers?!?

Ramin

On Thu, Apr 25, 2002 at 07:13:24PM -0400, Dougherty, Joe wrote:
