Le mar 06/04/2004 à 09:01, __ Radien__ a écrit : > ByTheWay, about ftp service, do u mean that w/ iptables I can set such > rules that can detect and pass the data connection corresponding to > existing control-connection further than ordinary accepting > control-conneciton to fwd. > Does RELATED state match such cases? Yes. For FTP, the date connection first packet will have RELATED state, for it complies to informations that were gathered within control connection by ip_conntrack_ftp module, allowing you to match and accept it. -- http://www.netexit.com/~sid/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread!
