Thanks for the information. On Wed, Jan 2, 2019 at 9:20 AM Tom Eastep <teas...@shorewall.net> wrote:
> On 1/1/19 2:05 PM, Naveen Neelakanta wrote: > > Hi Tom > > > > This works where zone 2 is the internet facing zone. > > > > ?if __FTP_HELPER > > > > IPTABLES(CT --zone 2 --helper ftp) eth3 - > > tcp 21 > > > > IPTABLES(CT --zone 2 --helper ftp):O 0.0.0.0/0 <http://0.0.0.0/0> > > eth3 tcp 21 > > > > IPTABLES(CT --zone 2 --helper ftp) veth-e3-p - > > tcp 21 > > > > IPTABLES(CT --zone 2 --helper ftp):O 0.0.0.0/0 <http://0.0.0.0/0> > > veth-e3-p tcp 21 > > > > ?endif > > > > > > Please find the attached conntrack file, please let me know if this is > > the right way to do it or is there a better way. > > > > Can I use a generic zone id in this case or just the zone which is > > internet facing? > > > > You may need to add additional entries for your other zones, if you need > to provide ftp access from those zones. > > -Tom > -- > Tom Eastep \ Q: What do you get when you cross a mobster with > Shoreline, \ an international standard? > Washington, USA \ A: Someone who makes you an offer you can't > http://shorewall.org \ understand > \_______________________________________________ > >
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
