> You will have to allow port 20 aswell...FTP uses both port 20 and 21 Do you ? I was under the impression that this line would take care of that (which is already in the iptables config) : > iptables -A FORWARD -i eth0 -o eth1 -p tcp --dport 21 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT However, I'm not sure if it's better to split them up into 2 rules : iptables -A FORWARD -i eth0 -o eth1 -p tcp --dport 21 -m state --state NEW -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT Rob
