Jan Engelhardt wrote: > On Thursday 2008-04-10 03:16, Ming-Ching Tiew wrote: >> >> 1. FORWARD rule policy is DROP. >> 2. Inside can ACCEPT NEW connection to go to outside. >> 3. ACCEPT established or related connections. >> 4. FORWARD tcp port 21 from outside to the >> inside FTP server is ACCEPT. >> >> Will the connection tracking modules help in allowing >> passive FTP session to get through to the FTP server ? > > Make sure nf_conntrack_ftp is loaded so that RELATED can do its job. Is it necessary to specify the ftp port if it is not port 21 ? Regards. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
