Re: Allow active and passive FTP connections

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thursday 17 June 2004 1:13 pm, Piszcz, Justin Michael wrote:

> I think he meant, modprobe ip_conntrack_ftp and if you are behind nat
> there is a module for that as well.

insmod should do the job perfectly well.

NAT is very unlikely when the rules are running on the FTP server itself 
(they're in the INPUT & OUTPUT chains).

Regards,

Antony.

> -----Original Message-----
> From: netfilter-admin@xxxxxxxxxxxxxxxxxxx
> [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of Chris Brenton
> Sent: Thursday, June 17, 2004 8:08 AM
> To: Sagara Wijetunga
> Cc: netfilter
> Subject: Re: Allow active and passive FTP connections
>
> On Thu, 2004-06-17 at 07:03, Sagara Wijetunga wrote:
> > I have following issues relating to above rules:
> > 1. For active FTP requests by remote clients, it drops
> > the data connection request to the remote client from
> > the server on the OUTPUT chain.
> >
> > 2. For passive FTP requests by remote clients, it
> > drops the data connection request to the server from
> > remote clients on the INPUT chain.
>
> Try:
> insmod ip_conntrack_ftp
>
> HTH,
> C

-- 
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing on usenet and in e-mail?

                                                     Please reply to the list;
                                                           please don't CC me.



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux