It is the "--sport $unassgn --dport $unassgn" that is killing me. How do I restrict the last three to just passive mode ftp?
On 01/08/2010 02:24 AM, Mart Frauenlob wrote:
use the 'helper' match extension. i.e: -m helper --helper ftp. if you need to distinguish between active and passive, you still can use the port and state matches for that.
Hi Mart, Thank you! Can you point me to the directions/manual for the "-m helper --helper ftp" so I can figure out what exactly it is doing and how to install it? Many thanks, -T -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
