MASQUERADE problems with non standard FTP ports

Florent florent@arcimex.com
Thu, 16 Aug 2001 16:44:08 +0200

Previous message: MASQUERADE problems with non standard FTP ports
Next message: MASQUERADE problems with non standard FTP ports
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

You must add the RELATED state to :
IPTABLES -A INPUT -p tcp --sport 1024:65535 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

Because passive FTP creates a new connection, your rule only accept ESTABLISHED packets and no SYN.

Florent

Previous message: MASQUERADE problems with non standard FTP ports
Next message: MASQUERADE problems with non standard FTP ports
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]