OK. I had a bit of a fiddle with the options.
It appears that:
options ip_conntrack ports=21,4559
is incorrect and should be
options ip_conntrack_ftp ports=21,4559
...well it works anyway
Oh, and yes, hylafax does use ftp over a non-standard port.
Thanks heaps Matt for your help!!
Regards,
Phill O'Flynn
-----Original Message-----
From: Matthew Hannigan [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 14 March 2006 4:19 PM
To: Phill O'Flynn
Subject: Re: FW: [SLUG] hylafax
On Tue, Mar 14, 2006 at 03:13:23PM +1100, Phill O'Flynn wrote:
> On Tue, Mar 14, 2006 at 02:50:41PM +1100, Phill O'Flynn wrote:
> > DOH!!! I didn't see that but I am still getting
> >
> > [EMAIL PROTECTED] ~]# /sbin/service iptables restart
> > Flushing firewall rules: [ OK ]
> > Setting chains to policy ACCEPT: filter [ OK ]
> > Unloading iptables modules: [ OK ]
> > Applying iptables firewall rules: iptables-restore: line 36 failed
> > [FAILED]
It looks like this is caused by the options lines in modprobe.conf.
Try taking them out. I suspect they're not needed as the necessary
port information is covered in the iptables rules, when you use
"-m state" in the line that allows the particular port. At least
this should work for ftp over the default ports. Does hylafax
really want to do ftp over non-standard ports?
Docs on netfilter/iptables are frustratingly thin and hard to get.
Matt
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
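
The fix reported in this thread (the ports= list belongs on the FTP helper module, not on ip_conntrack) can be checked mechanically. The following is an added example, not code from either poster: the function names and the sample file contents are constructed for illustration, and only the two module names from the thread are handled.

```shell
#!/bin/sh
# Added example: lint modprobe.conf-style "options" lines for a ports=
# parameter attached to the core conntrack module instead of the FTP helper.

# Constructed sample input: the failing line and the working line from the thread.
sample_modprobe_conf() {
    cat <<'EOF'
alias eth0 e1000
options ip_conntrack ports=21,4559
options ip_conntrack_ftp ports=21,4559
EOF
}

# Reads config text on stdin, prints one finding per relevant line,
# and returns 1 if any ports= option sits on the wrong module.
check_conntrack_options() {
    awk '
    $1 == "options" {
        module = $2
        for (i = 3; i <= NF; i++) {
            if ($i !~ /^ports=/) continue
            ports = substr($i, 7)
            if (module == "ip_conntrack") {
                # The thread reports this form as incorrect.
                printf "line %d: ports=%s is set on ip_conntrack; move it to ip_conntrack_ftp\n", NR, ports
                bad = 1
            } else if (module == "ip_conntrack_ftp") {
                # An explicit list replaces the helper default of port 21,
                # so flag lists that drop it.
                n = split(ports, p, ","); has21 = 0
                for (j = 1; j <= n; j++) if (p[j] == 21) has21 = 1
                printf "line %d: ok, FTP helper tracks control ports %s%s\n", NR, ports, (has21 ? "" : " (21 not listed)")
            }
        }
    }
    END { exit (bad ? 1 : 0) }
    '
}

# Demonstration run on the constructed sample; the non-zero status is expected.
sample_modprobe_conf | check_conntrack_options || true
```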