Martin Theiß wrote:
Bingo, this is it. You single sentence saves me so much time. I knew this. But when it is needed, it does not come out of my mind :(Clement <[EMAIL PROTECTED]> wrote on Friday, 13. August 2004 (18:20):
I have this in the iptables setup:
$ADD INPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT $ADD INPUT -p udp -m state --state ESTABLISHED -j ACCEPT $ADD OUTPUT -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT $ADD OUTPUT -p udp -m state --state ESTABLISHED -j ACCEPT $ADD OUTPUT -p tcp --dport 21 -j ACCEPT ....
And I cannot do ftp. All the data mode traffic of FTP are blocked. Apparently the ESTABLISHED,RELATED specification is not followed. The module ipt_state is there and executing the above does not show any error message. I have tried "modprobe ipt_state" before the above to no success. Any idea?
Have you already tried to load the module ip_conntrack_ftp
And thank you very much for other suggestions. For the record, I use ncftp. It uses passive ftp by default.
Regards, Clement
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
