Hello, I am a new list user, I have spent time searching the archives to no avail. I am a relative firewall newbie, Hoping someone can help me. I am using Shorewall 2.4.1 to manage my IPTables, everything works great, but I have 1 single vendor who cannot FTP files to me. my many other FTP vendors work fine and dandy. I get an error on the console from the conn tracker. conntrack_ftp: partial PORT xxxxx-xx With Ethereal, I discovered that the PORT command from this problematic vendor is not terminated with CR/LF. All other FTP sequences (that work fine) have cr/lf at the end of the port command. RFC959 simplified, states that all commands will be terminated with cr/lf Has anyone run into a fix for this type of situation..the vendor has pushed back saying the cr/lf is actually in the next packet (which I have not verified yet) I have read online where the port command must be contained within 1 single packet but this information is hard to come by. IPTables 1.3.3 Linux Kernel 2.6.8.2.386 Shorewall 2.4.1 Thank you all. JimSanders RCRMC.
