* Frédéric Poulet;
# 13.) FW_FORWARD="192.168.1.0/24,192.168.5.2,tcp,80 192.168.1.0/24,192.168.5.2,tcp,21"
OK
# 14.) FW_FORWARD_MASQ="0/0,192.168.5.2,tcp,80 0/0,192.168.5.2,tcp,21"
OK
4)tail -n30 /var/log/messages
Jan 23 08:28:12 linux kernel: SuSE-FW-DROP-DEFAULT IN=eth2 OUT=eth1 SRC=192.168.5.2 DST=192.168.1.199 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=6134 DF PROTO=TCP SPT=32969 DPT=113 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B40402080A0419B6680000000001030300)
Not OK they are not related to FTP traffic ie DPT=113 is Identd request and its perfectly okau to drop it. We need the logs when you are trying to do the FTP so DPT=21 will be seen in the logs -- Togan Muftuoglu Unofficial SuSE FAQ Maintainer http://dinamizm.ath.cx