Hi Everyone, My question is, that if I have already loaded the ftp connection tracking and nat modules, do i still need to write scripts like the following on my firewall, to enable FTP Access from inside to outside ( My Default Rules are - Allow Outgoing connection tcp on port 21 Deny all other outgoing connections Scripts (For Active FTP) iptables -A INPUT -p tcp --sport 20 -m state --state ESTABLISHED,RELATED-j ACCEPT iptables -A OUTPUT-p tcp --dport 20 -m state --state ESTABLISHED-j ACCEPT (For Passive FTP) iptables -A INPUT -p tcp --sport 1024: --dport 1024: -m state --state ESTABLISHED-j ACCEPT iptables -A OUTPUT-p tcp --sport 1024: --dport 1024: -m state --state ESTABLISHED,RELATED-j ACCEPT -- Ashutosh Naik Teneoris Networks India Pvt. Ltd www.teneoris.com
