Hi, Everything seems to work fine except FTP via NAT. The interfaces that are not natted handle ftp normally. When I do ftp from inside where the connection goes thru nat, I get an instant establisment of connection,syn,ack,syn-ack followed by a 30 second wait...then all works normally from that point. This 30 second delay is constant with each new ftp connection. I have tried about everything in the iptables script. Passive ftp does the same thing. All the other protocols seem okay including IRC. I am running RedHat kernel 2.4.18-24.7.x i686, iptables version 1.2.5, all the latest RedHat updates. I have loaded: ip_conntrack ip_conntrack_ftp ip_conntrack_irc ip_table_nat ip_nat_ftp ip_nat_irc ipt_state ipt_limit ipt_REJECT ipt_LOG ipt_unclean ipt_mac iptable_filter iptable_mangle iptable_nat Should the ftp connection show up in /proc/net/ip_conntrack ? It does NOT show in there. Is there a problem with the ipt_nat_ftp module? -Del
