On Tue, Feb 15, 2005 at 06:50:51PM -0700, jared r r spiegel wrote: >> ... > > However, here's the rule I added for the FTP: > > > > pass in quick on $name_itf_ext inet proto tcp from port 20 to > > ($name_itf_ext) user proxy flags S/SA keep state > > ok, that's that.. are you blocking everything by default on > bastion, not just inbound? is there a chance that the connection > from ftp-proxy back to your LAN was blocked?
Jared, You're right, everything is blocked by default on the bastion, not just inbound but also outbound! What ports, hosts and direction should I allow, in your opinion? I now hope we're approaching a solution! Your help is greatly appreciated! Nicolas, Paris. -- --- OxStOnE -------------- O - Z750 & Linux ------- ._ /\_> --- Powered ---------- (x)> (x) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~