Sorry, I left out something about the following rule:

> -A FORWARD -p tcp -i eth0 -o ppp0 --dport 20 -j ACCEPT
> -A FORWARD -p tcp -i eth0 -o ppp0 --dport 21 -j ACCEPT
> -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

When I set the rule I can connect to passive mode ftp servers, but when it needs to list the contents of the ftp server it will list nothing or I will get disc from the ftp server.

On Sat, 17 Apr 2004 19:50:35 +0200 "IT Clown" <iptables@xxxxxxxxxxxxx> wrote:

> Hi
>
> I am having some trouble accessing passive mode ftp sites. I
> have a firewall with IP forwarding enabled. When a PC on the
> network wants to access passive ftp servers I need to do the
> following in my rules (on the server):
>
> -A OUTPUT -p tcp -m multiport --dport 21,20 -j ACCEPT
> -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> -A FORWARD -i eth0 -j ACCEPT
> -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
>
> But I do not want every query to be forwarded; I only want,
> say, ftp access to be forwarded. Why does the following not
> work (on the server):
>
> -A FORWARD -p tcp -i eth0 -o ppp0 --dport 20 -j ACCEPT
> -A FORWARD -p tcp -i eth0 -o ppp0 --dport 21 -j ACCEPT
> -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
>
> Regards

______________________________________________________________
Herbalife Independent Distributor
http://www.healthiest.co.za