* [LARTC] active ftp & connection tracking ? @ 2003-05-06 18:23 raptor 2003-05-07 5:55 ` raptor 2003-05-07 7:25 ` Thomas Braun 0 siblings, 2 replies; 3+ messages in thread From: raptor @ 2003-05-06 18:23 UTC (permalink / raw) To: lartc this : iptables -A FORWARD -i internal-interface -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -j DROP doesn't seem to work for active-ftp .. i even manualy loaded ip_conntrack_ftp but as u see it is unused : # lsmod Module Size Used by Not tainted ip_conntrack_ftp 4272 0 (unused) iptable_nat 17468 0 (autoclean) (unused) ipt_state 568 3 (autoclean) ip_conntrack 20616 3 (autoclean) [ip_conntrack_ftp iptable_nat ipt_state] ipt_LOG 3352 1 (autoclean) ipt_limit 1016 1 (autoclean) iptable_filter 1708 1 (autoclean) ip_tables 12408 7 [iptable_nat ipt_state ipt_LOG ipt_limit iptable_filter] ...... any idea why it doesn work... passive-ftp is ok. _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] active ftp & connection tracking ? 2003-05-06 18:23 [LARTC] active ftp & connection tracking ? raptor @ 2003-05-07 5:55 ` raptor 2003-05-07 7:25 ` Thomas Braun 1 sibling, 0 replies; 3+ messages in thread From: raptor @ 2003-05-07 5:55 UTC (permalink / raw) To: lartc > If you use nat try to load ip_nat_ftp. > > cu thomas no i'm not using nat _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [LARTC] active ftp & connection tracking ? 2003-05-06 18:23 [LARTC] active ftp & connection tracking ? raptor 2003-05-07 5:55 ` raptor @ 2003-05-07 7:25 ` Thomas Braun 1 sibling, 0 replies; 3+ messages in thread From: Thomas Braun @ 2003-05-07 7:25 UTC (permalink / raw) To: lartc Hi, > # lsmod >Module Size Used by Not tainted >ip_conntrack_ftp 4272 0 (unused) >iptable_nat 17468 0 (autoclean) (unused) >ipt_state 568 3 (autoclean) >ip_conntrack 20616 3 (autoclean) [ip_conntrack_ftp iptable_nat ipt_state] >ipt_LOG 3352 1 (autoclean) >ipt_limit 1016 1 (autoclean) >iptable_filter 1708 1 (autoclean) >ip_tables 12408 7 [iptable_nat ipt_state ipt_LOG ipt_limit iptable_filter] > If you use nat try to load ip_nat_ftp. cu thomas >...... > > >any idea why it doesn work... >passive-ftp is ok. >_______________________________________________ >LARTC mailing list / LARTC@mailman.ds9a.nl >http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ > > > -- Thomas Braun WESTEND GmbH | Internet-Business-Provider Technik CISCO Systems Partner - Authorized Reseller Lütticher Straße 10 Tel 0241/701333-17 tb@westend.com D-52064 Aachen Fax 0241/911879 _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/ ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2003-05-07 7:25 UTC | newest] Thread overview: 3+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2003-05-06 18:23 [LARTC] active ftp & connection tracking ? raptor 2003-05-07 5:55 ` raptor 2003-05-07 7:25 ` Thomas Braun
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.