On Tue, May 17, 2005 at 06:27:08PM +0200, Robert Becskei wrote:
> Hello everyone ,
>
> my clients access the internet like this
>
> client --- proxy server --- eth0 firewall eth1 ----internet
>
> in squid.conf I told squid to always direct allow ftp...
>
> in iptables I've did the following modifications...
you are making this much more complicated than it actually is:
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i eth0 -o eth1 -p tcp --syn --dport 21 -j ACCEPT
-j
--
"Peter: Wow, it's like I died and went to heaven, then God realized it
wasn't my time yet, so He sent me back to a brewery."
--Family Guy
