Hi, The log files from the LOG target show that the OUT interface for packets coming after the passive command is issue to be the exteranl interface, which is wrong since all other commands show the out interface as eth1 the internal nic. Michael. On Tue, 13 Apr 2004 13:43:34 -0600 Michael Gale <michael.gale@xxxxxxxxxxxxx> wrote: > Hello again, > > It seems that on tablerule-36 (custom user chain) the --state RELATED > does not > work ? > > If I add a rule allowing all traffic it works ? > > Michael. > > > On Tue, 13 Apr 2004 13:13:36 -0600 > Michael Gale <michael.gale@xxxxxxxxxxxxx> wrote: > > > Hello, > > > > I have all the iptable modules built into the kernel. I also forgot to > > add the > > for the custom tablerule I have allowed all established and related > > connections. > > > > Michael. > > > > > > On Tue, 13 Apr 2004 19:59:53 +0200 > > Rob Sterenborg <rob@xxxxxxxxxxxxxxx> wrote: > > > > > On Tue, 2004-04-13 at 19:41, Michael Gale wrote: > > > > Hello, > > > > > > > > I am having trouble getting a FTP connection to work in passive mode > > > > from > > > > behind a firewall. > > > > > > .... > > > > > > > So all rules with regards to this IP / PC are under one rule. > > > > > > > > This setup is working fine for all connections accept passive FTP -- it > > > > seems the firewall is not forwarding the related data connection to the > > > > internal server. > > > > > > Did you load the ip_conntrack_ftp and ip_nat_ftp modules ? > > > > > > > > > Gr, > > > Rob > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > Michael Gale > > Network Administrator > > Utilitran Corporation > > > > > > > > > > > > > -- > Michael Gale > Network Administrator > Utilitran Corporation > > > > > -- Michael Gale Network Administrator Utilitran Corporation
