Hi.

On Sat, 28 Dec 2002, Robert Penz wrote:

> On Saturday 28 December 2002 12:24, Stef Coene wrote:
> > Oops. Indeed. 20 & 21 is ftp.
> Port 21 is the control channel port, but port 20 doesn't need to be the data
> port, e.g. passive ftp or if the server chooses another port than 20 to send
> the data from.
>
> It's only sure that it's port 20 if you control the ftp and deny passive ftp.

Anyway, for QoS it is probably mostly important to detect and mark ftp data
connections. This can easily be done with CONNMARK, which gives the same mark to
a RELATED connection as the expectant's mark. Another possibility might be the
helper match, but I've never tried it.

Bye,
Patrick
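
The CONNMARK approach described in the message above, as an added example that is not part of the original post. It generates an `iptables-restore` ruleset in which the FTP control connection gets a connection mark and the RELATED data connection picks the same mark up through `--restore-mark`. The function name, the mark value and the explicit `CT --helper ftp` rule (needed on newer kernels, with the FTP conntrack helper module loaded) are assumptions of this example.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset that gives FTP control
# and data traffic the same fwmark, so tc can classify on it.
# Assumption: the FTP conntrack helper module (nf_conntrack_ftp) is loaded.
# Load with:  ftp_qos_ruleset 21 | iptables-restore --noflush

ftp_qos_ruleset() {
    mark=$1
    # Accept only a positive decimal mark without leading zeros;
    # mark 0 is used below to mean "not classified yet".
    case $mark in
        ''|0*|*[!0-9]*)
            echo "usage: ftp_qos_ruleset <mark greater than 0>" >&2
            return 1 ;;
    esac

    cat <<EOF
*raw
# Newer kernels do not auto-assign helpers: attach the ftp helper to the
# control channel so data connections are tracked as RELATED.
-A PREROUTING -p tcp --dport 21 -j CT --helper ftp
COMMIT
*mangle
# 1. Copy the connection mark onto the packet. A RELATED data connection
#    starts with the mark of the control connection that expected it.
-A PREROUTING -j CONNMARK --restore-mark
# 2. Packet already carries a mark: nothing more to do.
-A PREROUTING -m mark ! --mark 0 -j RETURN
# 3. New control connection: set the connection mark ...
-A PREROUTING -p tcp --dport 21 -m conntrack --ctstate NEW -j CONNMARK --set-mark $mark
# 4. ... and mark this first packet as well.
-A PREROUTING -p tcp --dport 21 -m conntrack --ctstate NEW -j MARK --set-mark $mark
COMMIT
EOF
}
```

Because the data connection is matched through connection tracking rather than by port, this covers passive FTP and servers that do not send from port 20.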