Hi, consider the following: You want to connect to an ftp server running on, say, port 5432 from Your internal LAN. Between is a Linux box with netfilter, masquerading or S'natting respectively the internal addresses.
All works fine with ftp servers on port 21, but on port 5432 connection tracking does not work for the ftp protocol. I'm aware, that i can do a modprobe ip_conntrack_ftp ports=21,5432 modprobe ip_nat_ftp ports=21,5432 to solve this problem. But what, if I have a monolithic kernel with all the netfilter code compiled into the Linux kernel? In this case there is no such thing like modprobe. Any idea how to pass these port arguments directly to the kernel, maybe a boot option I can pass to the kernel at booting time, or an advice what piece of the source code to change in what way (iptables 1.2.6a, linux 2.4.18) to make this work? TIA, Rainer