passive ftp


 



Hi

I am having some trouble accessing passive mode FTP sites. I
have a firewall with IP forwarding enabled. When a PC on the
network wants to access passive FTP servers, I need to do the
following in my rules (on the server):

-A OUTPUT -p tcp -m multiport --dport 21,20 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

But I do not want every query to be forwarded; I only want,
say, FTP access to be forwarded. Why does the following not
work (on the server):

-A FORWARD -p tcp -i eth0 -o ppp0 --dport 20 -j ACCEPT
-A FORWARD -p tcp -i eth0 -o ppp0 --dport 21 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

Regards
______________________________________________________________
Herbalife Independent Distributor http://www.healthiest.co.za
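
An added illustration, not part of the original message: a small Python model of how the restricted FORWARD rules above treat a passive-mode FTP session. It assumes a default DROP policy on FORWARD and models the kernel's FTP connection-tracking helper (ip_conntrack_ftp, nf_conntrack_ftp on newer kernels) as a flag; the function names and the sample 227 reply are constructed for this example.

```python
import re

# The restricted FORWARD chain from the message, reduced to the fields that
# decide the outcome here (the -i eth0 -o ppp0 interface match is taken as given).
FORWARD_RULES = [
    {"dport": 20},                           # --dport 20 -j ACCEPT
    {"dport": 21},                           # --dport 21 -j ACCEPT
    {"states": {"RELATED", "ESTABLISHED"}},  # -m state --state RELATED,ESTABLISHED
]

# Constructed sample: the server's answer to the client's PASV command.
SAMPLE_REPLY = "227 Entering Passive Mode (192,0,2,10,195,80)"

def pasv_port(reply):
    """Data port announced in a 227 reply (RFC 959): p1 * 256 + p2."""
    m = re.search(r"\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)", reply)
    if not m:
        raise ValueError("not a 227 passive-mode reply")
    return int(m.group(5)) * 256 + int(m.group(6))

def first_packet_state(dport, expected_ports):
    """State of the first packet of a new client-to-server connection.

    It is RELATED only when a helper read the control channel and registered
    an expectation for this port; otherwise it is plain NEW.
    """
    return "RELATED" if dport in expected_ports else "NEW"

def forwarded(dport, state):
    """True if any rule accepts the packet; False means it reaches the
    chain policy, assumed here to be DROP."""
    for rule in FORWARD_RULES:
        if rule.get("dport") == dport:
            return True
        if state in rule.get("states", ()):
            return True
    return False

def passive_session(reply, helper_loaded):
    """Walk the control and data connections of one passive session."""
    data_port = pasv_port(reply)
    expected = {data_port} if helper_loaded else set()
    return {
        "control": forwarded(21, "NEW"),
        "data_port": data_port,
        "data": forwarded(data_port, first_packet_state(data_port, expected)),
    }

if __name__ == "__main__":
    for helper in (False, True):
        print("helper loaded:", helper, passive_session(SAMPLE_REPLY, helper))
```

In passive mode the client opens the data connection to the port the server announced, not to port 20, so with the helper flag off that first packet is NEW and matches none of the three rules.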

