Re: ftp connection tracking - Andrew J. Meader

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Andrew J. Meader" <ameader@corp.lcom.net>
To: Axel Heinrici <heinrici76@gmx.de>
Cc: netfilter@lists.netfilter.org
Subject: Re: ftp connection tracking
Date: Tue, 29 Jul 2003 07:52:19 -0500	[thread overview]
Message-ID: <3F266E03.7050106@corp.lcom.net> (raw)
In-Reply-To: <200307291322.04698.heinrici76@gmx.de>

Hi,

I just ran into this just yesterday. I was forgetting to load 
ip_conntrack_ftp in my iptables init script. For grins, here is a snip 
from my init script:

# Firewall Modules ~ assuming modularized kernel
    /sbin/modprobe ip_tables
    /sbin/modprobe iptable_nat
    /sbin/modprobe ip_conntrack
    /sbin/modprobe ip_conntrack_ftp

YMMV - your modules may vary :)

ajm

Axel Heinrici wrote:

>Hi
>
>I have problem connecting to a ftp-server on a non-standard port. I 
>remember there was an option to be set upon inserting the 
>kernel-module. The documentation on module-options seems a little weird 
>to me, and I can't find a clear answer.
>The Situation is simple. My computer and the router/firewall have 
>non-private IPs. Hence no Masquerading/SNAT is done. But the firewall 
>has to be set up denying any connection going out except for services 
>allowed explicitly. FTP is working fine (even active) when connecting 
>to servers on port 21. 
>What options do I have to aply when inserting the modules?
>
>greetings
>	Axel
>
>
>  
>

next prev parent reply	other threads:[~2003-07-29 12:52 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-07-29 11:22 ftp connection tracking Axel Heinrici
2003-07-29 11:41 ` Cedric Blancher
2003-07-29 15:22   ` ftp connection tracking (solved) Axel Heinrici
2003-07-29 12:52 ` Andrew J. Meader [this message]
2003-07-29 13:58   ` ftp connection tracking Axel Heinrici
2003-07-29 14:50     ` Andrew J. Meader
  -- strict thread matches above, loose matches on Subject: below --
2003-08-27 17:36 David Luyens
2003-08-31 10:48 ` Ralf Spenneberg
2003-09-01  1:04 ` Alistair Tonner

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3F266E03.7050106@corp.lcom.net \
    --to=ameader@corp.lcom.net \
    --cc=heinrici76@gmx.de \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.