Thanks for this explanation. > Passive FTP does not use tcp/20 at all. Instead of the server connecting > to the client, the client connects to the server for data transfers. The > server chooses an arbitrary port for the client to connect to. The intent > of passive FTP was to work around firewalls that don't permit inbound > connections. So with passive FTP, both ports (source and dest) are dynamic. Correct? How to match this data tranfer with iptables? Thanks. Francois. _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
