Nevermind --- not sure why it is not working --- I was able to get it to work by setting a port range for passive on the FTP server and then forwarding the port range to the FTP server. Michael. On Tue, 13 Apr 2004 14:08:48 -0600 Michael Gale <michael.gale@xxxxxxxxxxxxx> wrote: > Hi, > > The log files from the LOG target show that the OUT interface for > packets > coming after the passive command is issue to be the exteranl interface, which > is wrong since all other commands show the out interface as eth1 the internal > nic. > > Michael. > > > On Tue, 13 Apr 2004 13:43:34 -0600 > Michael Gale <michael.gale@xxxxxxxxxxxxx> wrote: > > > Hello again, > > > > It seems that on tablerule-36 (custom user chain) the --state RELATED > > does not > > work ? > > > > If I add a rule allowing all traffic it works ? > > > > Michael. > > > > > > On Tue, 13 Apr 2004 13:13:36 -0600 > > Michael Gale <michael.gale@xxxxxxxxxxxxx> wrote: > > > > > Hello, > > > > > > I have all the iptable modules built into the kernel. I also forgot to > > > add the > > > for the custom tablerule I have allowed all established and related > > > connections. > > > > > > Michael. > > > > > > > > > On Tue, 13 Apr 2004 19:59:53 +0200 > > > Rob Sterenborg <rob@xxxxxxxxxxxxxxx> wrote: > > > > > > > On Tue, 2004-04-13 at 19:41, Michael Gale wrote: > > > > > Hello, > > > > > > > > > > I am having trouble getting a FTP connection to work in passive > > > > > mode from > > > > > behind a firewall. > > > > > > > > .... > > > > > > > > > So all rules with regards to this IP / PC are under one rule. > > > > > > > > > > This setup is working fine for all connections accept passive FTP -- > > > > > it seems the firewall is not forwarding the related data connection to > > > > > the internal server. > > > > > > > > Did you load the ip_conntrack_ftp and ip_nat_ftp modules ? > > > > > > > > > > > > Gr, > > > > Rob > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > Michael Gale > > > Network Administrator > > > Utilitran Corporation > > > > > > > > > > > > > > > > > > > > > -- > > Michael Gale > > Network Administrator > > Utilitran Corporation > > > > > > > > > > > > > -- > Michael Gale > Network Administrator > Utilitran Corporation > > > > > -- Michael Gale Network Administrator Utilitran Corporation
