Michael Schwendt wrote:
Here's what I use, depending on where you are trying to add handling for ftp:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 29 Oct 2003 00:49:51 +0100, Desquerre Yohann wrote:
I'd like to automate the loading of the "ip_conntrack_ftp" module on my gateway i suposed that i have to add the follow line to my /etc/modules.conf file :
alias char-major-XX ip_conntrack_ftp
No. With Red Hat's more recent iptables packages, you would add the module name to the /etc/sysconfig/iptables-config file which contains brief instructions.
moreever i don't know the number i have to put to replace XX.
Is anyone got an idea ???
With /etc/modules.conf it would be
add above ip_tables ip_conntrack_ftp
for instance.
- -- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/nwMS0iMVcrivHFQRAswgAJ9W20ikKT5bAMUdvFB2ykqCiC05tQCeKRME Sr3KYsbyWK9eWXH2BeLFFYc= =czuo -----END PGP SIGNATURE-----
-- fedora-list mailing list fedora-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-list
For FTP DCC (not passive) through the local system as a nat hiding gateway be sure to insmod ip_nat_ftp and ip_conntrack_ftp modules, which can be accomplished
by adding the following two lines to /etc/modules.conf
# iptables modules added for ftp through gw by snat or masquerade hidden systems
above iptable_nat ip_nat_ftp ip_conntrack_ftp
On an ftp server which you want clients to be able to access via passive FTP be
sure to insmod ip_conntrack_ftp module, which can be accomplished by adding the
following two lines to /etc/modules.conf
# iptables module added for passive ftp access to ftpd on local system above ip_conntrack ip_conntrack_ftp
-- Chris
