Hello,

On Tue, 10 Feb 2009, LLLActive@GMX.Net wrote:
> # FTP
> for p_ftp in $plist_ftp; do # use these rules for every port in $plist_ftp
>     iptables -A FORWARD -i $IF_INT -o $IF_EXT -p TCP -s $NET_INT -d $NET_ALL --sport $p_high --dport $p_ftp -m state --state NEW,ESTABLISHED -j ACCEPT
>     iptables -A FORWARD -i $IF_EXT -o $IF_INT -p TCP -s $NET_ALL -d $NET_INT --sport $p_ftp --dport $p_high -m state --state ESTABLISHED -j ACCEPT
> done

Try with conntrack and '-m state --state [NEW,]RELATED,ESTABLISHED'.

HTH,
-dnh

--
Love your enemies: they'll go crazy trying to figure out what you're up to.
        -- BSD fortune file
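
An added example, not part of the thread: one way to apply the RELATED suggestion to the quoted loop, using the FTP conntrack helper so that only FTP data connections are let through. The interface names, networks and port values are constructed samples, and the `RUN` dry-run switch and the function name are hypothetical.

```sh
#!/bin/sh
# Constructed sample values; the original script defines these elsewhere.
IF_INT=eth1; IF_EXT=eth0
NET_INT=192.168.1.0/24; NET_ALL=0.0.0.0/0
p_high=1024:65535
plist_ftp="21"

# Dry run by default: every command is printed, not executed.
# Run as root with RUN set to the empty string to apply the rules.
RUN=${RUN-echo}

ftp_forward_rules() {
    # The FTP conntrack helper reads PORT/PASV on the control channel and
    # marks the resulting data connection as RELATED.
    $RUN modprobe nf_conntrack_ftp

    for p_ftp in $plist_ftp; do
        # Kernels that no longer attach helpers automatically need the
        # helper assigned to the control connection explicitly.
        $RUN iptables -t raw -A PREROUTING -i "$IF_INT" -p tcp -s "$NET_INT" \
            --dport "$p_ftp" -j CT --helper ftp

        # Control channel: the same two rules as in the quoted script.
        $RUN iptables -A FORWARD -i "$IF_INT" -o "$IF_EXT" -p tcp \
            -s "$NET_INT" -d "$NET_ALL" --sport "$p_high" --dport "$p_ftp" \
            -m state --state NEW,ESTABLISHED -j ACCEPT
        $RUN iptables -A FORWARD -i "$IF_EXT" -o "$IF_INT" -p tcp \
            -s "$NET_ALL" -d "$NET_INT" --sport "$p_ftp" --dport "$p_high" \
            -m state --state ESTABLISHED -j ACCEPT
    done

    # Data channels (active or passive) use ports other than $p_ftp, so the
    # control-channel rules never match them. Accept only connections that
    # the ftp helper created an expectation for.
    $RUN iptables -A FORWARD -p tcp -m helper --helper ftp \
        -m state --state RELATED,ESTABLISHED -j ACCEPT
}

ftp_forward_rules
```

Restricting RELATED with `-m helper --helper ftp` keeps the rule from also accepting connections flagged as related by other helpers.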