IPTABLES rules for active FTP
Noah
admin2 at enabled.com
Mon May 18 15:20:30 UTC 2009
Rashkae wrote:
> Noah wrote:
>> Hi there,
>>
>> I have found a few ways to do IPTABLES rules for active FTP. What is
>> the best rules to put in place?
>>
>> Cheers,
>>
>> Noah
>>
>
> There should be a kernel module that will empower conntrack to handle
> active ftp traffic properly. Make certain that nf_conntrack_ftp.ko is
> loaded with lsmod, and if it isn't use modprobe to load it. You
> shouldn't need any special iptables rules after that, just the one liner
> that you use to snat or masquerade will work.
>
> For that matter, look in your /lib/modules/version/kernel/net/netfilter
> directory. I would make sure that each of those modules is loaded for
> an Internet gateway system.
>
so what do your IPTABLE rules look like?
More information about the ubuntu-users
mailing list