Hi there, On Sat, 29 Dec 2007, John L. Magee wrote: > TCPDUMP analysis shows that the response from the server to the client > telling it to go to passive mode on port x is retaining the INSIDE > address of the server in the command packet and the client therefore > tries to initiate the data connection directly to the inside address > instead of the outside one. > > I do see all kinds of related commentary while googling but none that > have any solutions for me. If ip_contrack_ftp and ip_nat_ftp are > supposed to manage this, they are not. Does this help? http://securepoint.com/lists/html/NetFilter/2006-11/msg00209.html -- 73, Ged. - To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
