Re: IPchains question

["Paul B. Brown" <pbrown btechnet com>]

Hummm . . . .

Port 20 = data connection
Port 21 = control connection (data connection as well in passive mode)

If the data connection to port 20 is not being allowed then you have a
problem Houston.  My idea here is that the data connection is initiated
from the remote site, maybe?  If so, you're not allowing the connection.
Anyone else have any thoughts on this?

Paul

---------------------------------------------------------------------------
Paul B. Brown                          pbrown btechnet com
President
Brown Technologies Network, Inc.       http://www.btechnet.com/

Unix Systems Administration            "Sailing is a state of mind . . . ."
---------------------------------------------------------------------------

On Sun, 4 Jul 1999, Brian Hand wrote:

> Hello, I am using the following two ipchains commands to setup ip
> masquade on a 10.*.*.* network
> 
> /sbin/ipchains -P forward DENY
> /sbin/ipchains -A forward -s 10.0.0.0/255.0.0.0 -j MASQ
> 
> every thing works fine except for active ftp sessions,  can anyone offer
> the command you use to allow active ftp connections back in.  I realize
> that passive does work, however I have many winblows and macincraps on the
> private network and they are the ones I need to get working.
> 
> Thanks
> Brian
> 
> 
> 
> 
> -- 
>   PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> 		http://www.redhat.com http://archive.redhat.com
>          To unsubscribe: mail redhat-install-list-request redhat com with 
>                        "unsubscribe" as the Subject.
>