I was wondering if there is a way to use established, related on a subchain only. ex. ftp server behind firewall $IPTABLES -A FORWARD -d $IPSERVER -j ftpchain $IPTABLES -A ftpchain -p TCP -m state --state ESTABLISHED,RELATED -j ACCEPT This does not seem to work .. It only seems to work when I have the established,related line on the Forwared chain. Thanks for the help. Peter
