oh yeah. what's the right module for the iptables?<br><br><div><span class="gmail_quote">On 8/31/06, <b class="gmail_sendername">Jim Perrin</b> <<a href="mailto:jperrin@gmail.com">jperrin@gmail.com</a>> wrote:</span>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">> im having a problem with proftpd access when my firewall is running. Im<br>> using centos
4.3 with proftpd-1.2.10-10.2.el4.rf<br>><br>> i haven't done any modification from my proftpd i just run the server. my<br>> iptables ruleset is very simple i use stateful routing.<br>><br>> iptables -A INPUT -i ! $WAN -j ACCEPT
<br>> iptables -A INPUT -i $WAN -m state --state NEW -p tcp --dport 21 -j ACCEPT<br><br>I suspect your problem might be related to PASV ftp jumping up to a<br>higher power. You need to set an upper and lower port bound for PASV
<br>ftp, or enable ftp connection tracking by loading the appropriate<br>iptables module.<br><br><br>--<br>During times of universal deceit, telling the truth becomes a revolutionary act.<br>George Orwell<br>_______________________________________________
<br>CentOS mailing list<br><a href="mailto:CentOS@centos.org">CentOS@centos.org</a><br><a href="http://lists.centos.org/mailman/listinfo/centos">http://lists.centos.org/mailman/listinfo/centos</a><br></blockquote></div><br>
<br clear="all"><br>-- <br>Regards,<br>Mark Quitoriano, CCNA<br><br>Fan the flame...<br><a href="http://www.spreadfirefox.com/?q=user/register&r=19441">http://www.spreadfirefox.com/?q=user/register&r=19441</a>