18 Jul
2003
18 Jul
'03
11:55
On Fri, Jul 18, 2003 at 01:08:49AM +0200, Steffen Dettmer wrote:
I do not understand why this allows masqueraded clients to access active FTP resources. Well, without masq I think the "RELEATED" option of iptables does the trick.
It does ( if ip_conntrack_ftp is loaded ) Active FTP may go beyond the scope of the SuSEfirewall2 tool. It's just an assumption. I never used SuSEfirewall2. Is it an option for you to use iptables without that SuSE tool? -- Stefan Tichy <listuser@pi4tel.de>