I intend to run ftp-proxy on the 'director' of an LVS cluster. The ftp server will run on one of the real servers in the cluster. I use ipchains for firewalling the director against the Internet. Only a very limited set of rules is curently active, to allow ssh access to the 'director' and for the load balanced http services, plus DNS and NTP lookups and such stuff. Question: Does someone have a ruleset for ipchains for the additional rules required for the ftp proxy service. a) allowing public access to the ftp-proxy service from outside b) (if possible) allowing inside users to use an ftp client (like ncftp or wget) to access public ftp servers on the Internet. I would be happy to search the mailing list but faild to find a search feature. || Alois Treindl, Astrodienst AG, mailto:alois@astro.com || Zollikon/Zurich, Switzerland