On Monday 19 August 2002 10.55, Derek Fountain wrote:
My local network is 192.168.x.y based, so the router has to do NAT. Perhaps I should have mentioned that? :-} Doing FTP, for example, via the NAT box sometimes has the server respond that the source port is invalid. I don't see if often, but it has happened. If everything is going via NAT, I thought that might cause me related problems...?
I'm guessing that happens when you're doing active ftp. When you use passive ftp all connections are client -> server so there shouldn't be a problem, but when you use active ftp, the data connection is server -> client, so you'll need to set up the iptables module to handle it. On a SuSE NATting server it should be done automatically. On an older, ipchains based firewall/router I remember this causing if not problems, then at least headaches :) //Anders -- 'Deserves [death]. I daresay he does. Many that live deserve death. And some that die deserve life. Can you give it to them? Then do not be too eager to deal out death in judgement. For even the very wise cannot see all ends.' --Tolkien, The Lord of the Rings