Hi! I think you need the module ip_masq_ftp.o to masquarade active ftp with ipchains, aren't you? So it works fine for me. Perhaps take a look at http://www.linux-firewall-tools.com/linux/. Hope thats you are looking for! Christian Am Montag, 21. Mai 2001 10:09 schrieben Sie:
Hi!
I want to use active-ftp with some clients behind my gateway-pc (ipchains-masquerading)... (passive ftp works) How do I configure my ipchains-firewall to allow this?
I hope someone can help me...
PS> Deconfigure all passive ftp components and open your firewall for PS> tcp/20,21,1024:
That didn't work for me... I have "allow-all-rules" for input, ouput and forward and I didn't deny tcp/20,21,1024...
I have just deny-rules for some ports and one forwarding rule: ipchains -A forward -s 0.0.0.0/0.0.0.0 -d ! 192.168.0.0/255.255.0.0 -j MASQ
With this I can do passive ftp - but active ftp sucks... :-(
Bye.
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com