Hi,

I have a question about tunneling ftp traffic. Basically I would like to connect to a remote ssh server and use an ftp client to download/upload files through the tunnel.

Here is the situation:

Local computer (A): 192.168.200.1
Firewall box with two interfaces (B): 10.1.1.2 and 192.168.200.254

So, on local computer A:

    ssh -v -L 192.168.200.1:16124:50.40.30.20:16124 -p 50522 larrson@xxxxxxxxxxx

On the firewall I set:

    $IPT -A FORWARD -d 88.33.88.33 -m state --state NEW -p tcp --dport 50522 -o $EXTERNAL_ETH -j ACCEPT

and everything works OK until the ftp client starts passive mode. As I can see in the log file, additional high ports are opened and of course they are blocked by iptables. I thought that all traffic was going only through the ssh tunnel.

Could someone, please, explain to me what's going on?

Kind regards,
Thomas
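Added example, not part of the original post: in passive mode the server's 227 (RFC 959) or 229 (RFC 2428) reply names a separate data endpoint that the client dials directly, while `ssh -L` carries only connections made to its one listener. The sketch below parses such a reply and checks the endpoint against the forwarded listener from the post; the reply lines and function names are constructed for illustration.

```python
import re

# The forwarded listener is taken from the post's ssh -L option.
FORWARDED = {("192.168.200.1", 16124)}

PASV_RE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")
EPSV_RE = re.compile(r"\((.)\1\1(\d{1,5})\1\)")


def parse_passive_reply(line, control_host):
    """Return the (host, port) data endpoint announced by a 227 or 229 reply."""
    code = line[:3]
    if code == "227":  # PASV: (h1,h2,h3,h4,p1,p2), port = p1*256 + p2
        m = PASV_RE.search(line)
        if not m:
            raise ValueError("malformed 227 reply")
        nums = [int(x) for x in m.groups()]
        if any(n > 255 for n in nums):
            raise ValueError("octet out of range in 227 reply")
        return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]
    if code == "229":  # EPSV: (|||port|), host is the control connection's peer
        m = EPSV_RE.search(line)
        if not m or not 0 < int(m.group(2)) < 65536:
            raise ValueError("malformed 229 reply")
        return control_host, int(m.group(2))
    raise ValueError("not a passive-mode reply")


def data_channel_in_tunnel(line, control_host, forwarded=FORWARDED):
    """True only if the data connection would go to a forwarded listener."""
    return parse_passive_reply(line, control_host) in forwarded


if __name__ == "__main__":
    # Constructed sample replies, not taken from the poster's logs.
    samples = [
        "227 Entering Passive Mode (50,40,30,20,195,80)",
        "229 Entering Extended Passive Mode (|||50001|)",
    ]
    for reply in samples:
        host, port = parse_passive_reply(reply, "192.168.200.1")
        inside = data_channel_in_tunnel(reply, "192.168.200.1")
        print(f"{host}:{port} -> {'tunnel' if inside else 'direct, subject to FORWARD rules'}")
```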