On Fri, 2003-03-28 at 17:43, Budai Laszlo wrote: > Thanks, this solved my problem. However, if you check my first post you > can see thet in the FORWARD chain I had : > > ACCEPT all -- anywhere anywhere state RELATED > > but seems it was not enough ... :( and I don't understand. isn't your > rule more restrictiv (state RELATED, ESTABILISHED) than my old rule > (just related)? RELATED is for the ftp-data connection that is established after initial connection attempt. ESTABLISHED is for the original replies, which I think the server would first used until a second/other connection is negotiated. My $0.02 -- Vincent Lim <vincent.lim@xxxxxxxxxx> NESTAC Solution Sdn Bhd
