On Thu, 2003-06-05 at 04:37, [EMAIL PROTECTED] wrote:
> My IPTABLES rules include a rule for what IP addresses I
> allow FTP connections from,
> 
>    ## Allowed FTP clients listed here: 
>    $IPTABLES -A ALLOW_PORTS_I_EXT -p tcp -s www.xxx.yyy.zzz --dport 21 -j ACCEPT
> 
> 
> and then rules of the sort
> 
>    ## Accept Established, Related.
>    $IPTABLES -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT           
> for both input and output to allow the data connection.
> 
> PROBLEM:
> If I just run the IPTABLES rules, and then try to connect from the 
> outside, I can connect, but trying to do a 'dir' produces no output.
> Clearly the data connection is being refused.
> 
> If I then do a /sbin/modprobe ip_conntrack_ftp and try again, everything
> works fine.
> So how should this module be getting loaded?

Well, add the "/sbin/modprobe ip_conntrack_ftp" line in one of the
startup scripts, or best, in the same script used to set up the firewall
rules.

> I can always build IPTABLES into the kernel rather than leaving it as
> modules, but I'd like to know what's wrong with my current setup.
> Is something missing from modules.conf or what?
> 
> 
> -- 
>                                         Reg.Clemens
>                                         [EMAIL PROTECTED]
> 
> 
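
The suggestion above as a firewall-script fragment; this is an added example, not part of the original thread. It loads `ip_conntrack_ftp` before the rules that rely on the RELATED state and stops if the helper cannot be loaded. The function names and the `MODPROBE`, `MODULES_FILE` and `RUN_FIREWALL` variables are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the thread): load the FTP conntrack helper
# before installing the rules that depend on the RELATED state.
IPTABLES="${IPTABLES:-/sbin/iptables}"
MODPROBE="${MODPROBE:-/sbin/modprobe}"          # assumption: overridable for testing
MODULES_FILE="${MODULES_FILE:-/proc/modules}"   # assumption: overridable for testing

# True if the named module is listed as loaded. Each /proc/modules line
# starts with the module name followed by a space, so matching the name
# plus that space keeps ip_conntrack from matching ip_conntrack_ftp.
helper_loaded() {
    grep -q -- "^$1 " "$MODULES_FILE" 2>/dev/null
}

# Load the helper unless it is already listed; report failure on stderr
# so a broken FTP data channel is not discovered only at the first 'dir'.
ensure_helper() {
    helper_loaded "$1" && return 0
    "$MODPROBE" "$1" && return 0
    echo "cannot load $1: FTP data connections will not match RELATED" >&2
    return 1
}

# The two rules from the thread, applied only once the helper is in place.
apply_ftp_rules() {
    ensure_helper ip_conntrack_ftp || return 1
    "$IPTABLES" -A ALLOW_PORTS_I_EXT -p tcp -s www.xxx.yyy.zzz --dport 21 -j ACCEPT
    "$IPTABLES" -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
}

# Hypothetical switch: the rules are applied only when RUN_FIREWALL=1.
if [ "${RUN_FIREWALL:-0}" = 1 ]; then
    apply_ftp_rules
fi
```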

