> -----Original Message----- > From: Paul Johnson [mailto:[EMAIL PROTECTED]] > Sent: Thursday 19 December 2002 13:17 > To: debian-user List > Subject: Re: ipmasq with ICQ, IRC > > > On Thu, Dec 19, 2002 at 04:58:53PM +1100, Rob Weir wrote: > > Yes, there is. iptables has modules for ftp (to support non-passive > > mode) and irc (to support dcc, etc). They're called > > ipt_{conntrack,nat}_{irc,ftp}, IIRC. > > Does this work automagically once inserted, or is there some trick to > iptables to prod it into service? I suspect the latter is true, as > I've tried it with just inserting the modules and it didn't > work as expected. >
You probably need these rules : iptables -A INPUT -m state --state RELATED -j ACCEPT (iptables -A FORWARD -m state --state RELATED -j ACCEPT) iptables -A OUTPUT -m state --state RELATED -j ACCEPT depending on your actual filtering config. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
