Why don't you just reserve an IP address for this client in your DHCP server? That would be my choice, to ensure the client would have a static IP. Iptable always adds IP's to chains, never hostnames. It actually does a reversed look-up when you do an iptables -N. You could ofcourse also write some spiffy script, to update your chains with the clients new IP address, when it changes, but that would be overkill I think. BTW, ssh when used with pub/priv key authentication is perfectly safe. Hope this helps. PS. Disregard last one I sent on this one, belongs to other topic. Why does list e-mail adress appear in CC, not in TO. This is very unhandy replying to the list. I now replied twice to people personally. Appologies for the spam. -----Original Message----- From: Kenneth Kalmer [mailto:kenneth.kalmer@xxxxxxxxx] Sent: Wednesday, March 09, 2005 9:11 AM To: Sietse van Zanen Cc: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Re: Fedora 3 + netfilter 1.2.11 + FXP I'm not too sure, but isn't FXP enabled or disabled in the FTP server? As I understand it, when you do an FXP transfer you're asking FTP server A to upload on your behalf to FTP server B. It's a normal FTP 'transaction' in every sense except that the files don't originate from your box. I could be wrong, but I hope this helps. On Mon, 7 Mar 2005 13:03:23 +0100, Sietse van Zanen <sietse@xxxxxxxxx> wrote: > Hello, > > I am running a standard installation of Fedora Core 3 (2.6.10-1.770.FC3) > & netfilter 1.2.11 > > Is there anybody here that can give me an answer to the following > question: > > Is it possible to enable FXP in this configuration? (above config, no > new kernel compiling, patching etc) > > If possible, how can I enable it? > > I tried putting add options ip_conntrack_ftp fxp=1 in /etc/modules.conf, > but this doesn't help > > Spent all morning wading through the web and all the years old > documentation available, but I haven't found what I was looking for. > Found some stuff about this ftp-fxp patch, but that too seems legacy for > very old version. > > Greets, > > Sietse > > -- Kenneth Kalmer kenneth.kalmer@xxxxxxxxx http://opensourcery.blogspot.com
