Couple of Newbie Questions

Couple of Newbie Questions

[Mike Sowka]

[-- Attachment #1: Type: text/plain, Size: 782 bytes --]

Hello Everyone,

I just have a few "entry-level" questions:

#1 Just installed Redhat AS, and can't figure out why vsftpd doesn't
work in passive mode. I have NEW tcp packets with --dport 21 -j to
ACCEPT, and the following line

-m state --state ESTABLISHED,RELATED -j ACCEPT

that should jump RELATED ftp packets to accept too... ?right?? Well it
doesn't work.

#2 Disclaimer: this one is VAIN... after messing around with the nat
table, I took out any reference to the nat table from my
/etc/sysconfig/iptables but when I `/sbin/service iptables status` the
nat table still prints with all of the chains empty... where does this
info for the nat table persist? 

Thanx for your patience in swatting any confusion for me,
Mike

P.S. attaching iptable for reference concerning Q #1

[-- Attachment #2: iptables --]
[-- Type: text/plain, Size: 842 bytes --]

# Firewall configuration written by redhat-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT