On Sun, 5 Jan 2003, Tommy McNeely wrote:
> I use the "stateful" packet filter with iptables.. and it has a
> module called ip_conntrack_ftp that will open the proper ports to
> allow someone to do a passive ftp connection to me.. however, if I
> run my ftp server on an alternate port, it doesnt work..
Place in /etc/modules.conf:
options ip_conntrack_ftp ports=LIST
...where LIST is either a single port, or a comma-separated list of up
to 8 ports. E.g.:
options ip_conntrack_ftp ports=10021
Or:
options ip_conntrack_ftp ports=21,10021
(The limit of 8 ports is hardcoded into ip_conntrack_ftp.c.)
--
James Ralston, Information Technology
Software Engineering Institute
Carnegie Mellon University, Pittsburgh, PA, USA
--
Psyche-list mailing list
Psyche-list@redhat.com
https://listman.redhat.com/mailman/listinfo/psyche-list
