Hello all, excuse me... I have found lots of explanations about ip_conntrack_ftp but no one could help me to solve the following problem: My FTP server is behind a firewall (ports >1023 blocked), so FTP should be always done in ACTIVE MODE and so, the client needs to send PORT command to server and server will open the data connection... But the client is behind a NAT and the data connection from the FTP server is rejected by the NAT. This makes the client timeout because it will never get the SYN packet from server... Question: How to configure NAT to track this incoming FTP data connection from any server behind a firewall to any clients in the LAN ???? Thanks very much! Joao
