On Mon, 2011-05-02 at 20:49 +0200, Carlos E. R. wrote:
On Monday, 2011-05-02 at 02:21 +0200, I wrote:
I'm thinking the rule might be:
192.168.1.0/24,tcp,ftp,ftp 192.168.1.0/24,tcp,ftp-data,ftp-data
I'll try that tomorrow.
Nope, that one doesn't work.
No, that would imply that the client uses the same ports as the server for communication, which is impossible (you could only have one FTP session open for one, then FTP runs on port 20 & 21, which are privileged ports, so you could not use them as non-root). On the server, you'd need something like: 192.168.1.0/24,tcp,ftp 102.168.1.0/24,tcp,ftp-data Together with the conntrack module, this should get you going. (192.168.1.0/24 are the machines in the network, that are allowed to reach your server) Dominique -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org