Hey, Thanks for the reply. This is too what I thought. I sent an email to my server admins who responded thusly: >> Hello, >> >>I am trying to setup my iptables to be quite strict, but to alow FTP >>connections. >> >>I am trying to use modprobe with ip_conntrack_ftp for this but I keep >> hitting a brick wall trying to get this to work. > >Hi Noah, our kernels do not support modules but do have the >conntrack_ftp module built in so you don't need to worry about >modprobing it to get it to work. Also, when I start apt-get you see the following line in /var/log/messages/ Dec 23 17:45:18 achilles kernel: conntrack_ftp: partial 227 2850985299+27 So I naturaly assumed that conntrack_ftp was loaded. Is "conntrack_ftp" the same as "ip_conntrack_ftp" and what does this line in the log meen. I have googled for ages but not found anything. Any further help would be amazing. Thank you. Noah Slater On Thu, 23 Dec 2004 13:33:08 -0500, Jason Opperisano <opie@xxxxxxxxxxx> wrote: > On Thu, 2004-12-23 at 12:59, Noah Slater wrote: > > Hello, > > > > I have a question regarding iptables and apt-get. I have a shell > > script which is included at the bottom of this email which sets up > > iptables for me. The only problem is that it is not managing to track > > apt-get's ftp connections and prevents me from using it. I have > > included a tail of /var/log/messages and the output when I try to run > > apt-get. > > > > It seems to be failing to let ftp connections back into my box. > > > > I would be more than appreciative if someone could point out where I > > am going wrong. > > it appears as though you don't have "ip_conntrack_ftp" loaded; > therefore, there's nothing to recognize that the SYN from the FTP server > is RELATED. > > -j > > -- > "That's it! You people have stood in my way long enough. I'm going > to clown college!" > --The Simpsons > >
