All, I have a firewall at home protecting a web server (personal stuff); I would like to add ftp capabilities in order to upload files from work, so I can work home. ASCII diagram: DSL -- Firewall -- Web server / FTP server My current rules to allow http are (no other rules included): iptables -t nat -A PREROUTING -p tcp -d 172.16.1.34 --dport 80 -j DNAT \ --to 192.168.0.20 iptables -A POSTROUTING -t nat -o eth0 -j MASQUERADE iptables -A FORWARD -i eth0 -p tcp -d 192.168.0.20 --dport 80 -m state \ --state NEW,ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i eth1 -p tcp -s 192.168.0.20 --source-port 80 -j \ ACCEPT I know I need to use ip_conntrack_ftp; however I am not sure if it allows port forwarding... Really basic question, but I was wondering what everybody is doing... Best regards, Erick This email message has been scanned for viruses.
