On 10/26/05, John Hinton <webmaster at ew3d.com> wrote: > I've been struggling with my firewall and getting vsftp to work in > passive mode. > > It seems that everything on this hosting server works just fine without > the eth0 entry in my iptables except for vsftp in passive. Am I opening > up too much by adding the eth0 line? > Yes. Have you enabled ip_conntrack_ftp (I think) in /etc/sysconfig/iptables-config ? -- Jim Perrin System Administrator - UIT Ft Gordon & US Army Signal Center