* [LARTC] active ftp & connection tracking ?
@ 2003-05-06 18:23 raptor
2003-05-07 5:55 ` raptor
2003-05-07 7:25 ` Thomas Braun
0 siblings, 2 replies; 3+ messages in thread
From: raptor @ 2003-05-06 18:23 UTC (permalink / raw)
To: lartc
this :
iptables -A FORWARD -i internal-interface -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -j DROP
doesn't seem to work for active-ftp .. i even manualy loaded ip_conntrack_ftp but as u see it is unused :
# lsmod
Module Size Used by Not tainted
ip_conntrack_ftp 4272 0 (unused)
iptable_nat 17468 0 (autoclean) (unused)
ipt_state 568 3 (autoclean)
ip_conntrack 20616 3 (autoclean) [ip_conntrack_ftp iptable_nat ipt_state]
ipt_LOG 3352 1 (autoclean)
ipt_limit 1016 1 (autoclean)
iptable_filter 1708 1 (autoclean)
ip_tables 12408 7 [iptable_nat ipt_state ipt_LOG ipt_limit iptable_filter]
......
any idea why it doesn work...
passive-ftp is ok.
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] active ftp & connection tracking ?
2003-05-06 18:23 [LARTC] active ftp & connection tracking ? raptor
@ 2003-05-07 5:55 ` raptor
2003-05-07 7:25 ` Thomas Braun
1 sibling, 0 replies; 3+ messages in thread
From: raptor @ 2003-05-07 5:55 UTC (permalink / raw)
To: lartc
> If you use nat try to load ip_nat_ftp.
>
> cu thomas
no i'm not using nat
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] active ftp & connection tracking ?
2003-05-06 18:23 [LARTC] active ftp & connection tracking ? raptor
2003-05-07 5:55 ` raptor
@ 2003-05-07 7:25 ` Thomas Braun
1 sibling, 0 replies; 3+ messages in thread
From: Thomas Braun @ 2003-05-07 7:25 UTC (permalink / raw)
To: lartc
Hi,
> # lsmod
>Module Size Used by Not tainted
>ip_conntrack_ftp 4272 0 (unused)
>iptable_nat 17468 0 (autoclean) (unused)
>ipt_state 568 3 (autoclean)
>ip_conntrack 20616 3 (autoclean) [ip_conntrack_ftp iptable_nat ipt_state]
>ipt_LOG 3352 1 (autoclean)
>ipt_limit 1016 1 (autoclean)
>iptable_filter 1708 1 (autoclean)
>ip_tables 12408 7 [iptable_nat ipt_state ipt_LOG ipt_limit iptable_filter]
>
If you use nat try to load ip_nat_ftp.
cu thomas
>......
>
>
>any idea why it doesn work...
>passive-ftp is ok.
>_______________________________________________
>LARTC mailing list / LARTC@mailman.ds9a.nl
>http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
>
>
>
--
Thomas Braun WESTEND GmbH | Internet-Business-Provider
Technik CISCO Systems Partner - Authorized Reseller
Lütticher Straße 10 Tel 0241/701333-17
tb@westend.com D-52064 Aachen Fax 0241/911879
_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-05-07 7:25 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-05-06 18:23 [LARTC] active ftp & connection tracking ? raptor
2003-05-07 5:55 ` raptor
2003-05-07 7:25 ` Thomas Braun
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.