From: Tom E. <te...@sh...> - 2002-12-02 14:52:44
|
--On Monday, December 02, 2002 10:12:54 AM +0100 G=F6tz Reinicke=20 <goe...@fi...> wrote: > Hi, > > what do I have to configure, to access "all different kind" of > ftp-servers? :-) What I mean is, that there are some clints, whitch try > to use the passive mode and some servers which can only be accessed by > passive mode. > > In my rule file I have > > ACCEPT loc net tcp ftp > > in modules: > > loadmodule ip_conntrack_ftp > loadmodule ip_nat_ftp > > So any hints? If you use the default loc->net policy of ACCEPT, then you NEVER NEED ANY=20 LOC->NET ACCEPT RULES. So if you are using the standard policies, the above = rule is completely unnecessary. Are the ftp modules actually being loaded (lsmod)? Do you have an ACCEPT or = REJECT rule for Auth (tcp port 113)? -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://shorewall.sf.net ICQ: #60745924 \ te...@sh... |