Thanks Doug, I tried it and it worked fine. I think this is probably more
secure than opening an entire range of ports on my firewall.

- Jeroen

On Tuesday 20 July 2004 12:36 pm, Doug Maurer wrote:
> On Tue, 2004-07-20 at 01:47, J.L. Coenders wrote:
> > I think that Doug made the mistake of not reading the replies to my
> > question, since I asked the same question quite recently. We are not the
> > same person.
> >
> > But Doug, can you post how your solution works? I now opened up a port
> > range in my firewall and I restricted vsftpd to those ports for passive
> > mode. But I now understand there is also another (better?) way to go.
> >
> > - Jeroen
>
> I put the following in two files. (They might be redundant, but it works.)
>
> /etc/modprobe.conf
> alias ip_conntrack ip_conntrack_ftp ip_nat_ftp
>
> /etc/rc.local
> /sbin/modprobe ip_conntrack
> /sbin/modprobe ip_conntrack_ftp
> /sbin/modprobe ip_nat_ftp
>
> then rebooted
>
> > On Tuesday 20 July 2004 06:04 am, Edward wrote:
> > > Doug Maurer wrote:
> > > > I've asked this question before, but nothing has helped
> > > >
> > > > I'm trying to ftp out, I can log into a remote system (another FC2
> > > > system, mine, configured with vsftpd and NAT running.)
> > > >
> > > > on the local side I get
> > > > 227 Entering Passive Mode (x,x,x,x,80,76)
> > > > ftp: connect: No route to host
> > > >
> > > > I can log into another system like ftp.linux.ncsu.edu just fine.
> > > >
> > > > only thing is, it's only this box, on the remote box I can ftp out to
> > > > another fc2/fc1, etc.. with no problem.
> > > >
> > > > the local box was just reloaded from scratch. with basic iptables
> > > > running.. with no local nat. and still get the error.
> > > >
> > > > does anyone have any idea, what might be causing this?
> > >
> > > Yes, the answers you got the first time you asked this will solve your
> > > problem.
> > >
> > > Instead of "Basic" iptables and all that you describe above, why don't
> > > you try (just temporarily) to run NO iptables whatsoever and see what
> > > that does?
> > >
> > > Seems logical to me.
> > >
> > > Regards,
> > > Ed.
>
> --
> Doug Maurer
> doug@xxxxxxxxxxx
> Linux user #299439
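
Added example, not part of the original thread: a simplified Python model of what an FTP connection-tracking helper such as ip_conntrack_ftp does with a 227 reply like the one quoted above, allowing only the one announced data port instead of a static passive range. The class name, the addresses and the rule that the announced address must equal the server are assumptions of this sketch, not kernel code.

```python
import re

# RFC 959 passive reply: (h1,h2,h3,h4,p1,p2), data port = p1 * 256 + p2
PASV_RE = re.compile(rb"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

# Constructed sample in the shape of the reply from the thread (80,76 -> 20556).
SAMPLE_REPLY = b"227 Entering Passive Mode (192,0,2,10,80,76)\r\n"

def parse_pasv(line):
    """Return (ip, port) announced in a 227 reply, or None if malformed."""
    m = PASV_RE.match(line)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

class FtpHelperModel:
    """Toy stateful firewall with an FTP helper (hypothetical class)."""
    def __init__(self):
        self.control = set()   # (client, server) pairs with a tracked control channel
        self.expected = set()  # (client, server, port) one-shot expectations

    def control_opened(self, client, server):
        self.control.add((client, server))

    def server_reply(self, client, server, line):
        # Sketch policy: only honour 227 replies on a tracked control channel,
        # and only when the announced address is the server itself.
        if (client, server) not in self.control:
            return
        parsed = parse_pasv(line)
        if parsed and parsed[0] == server:
            self.expected.add((client, server, parsed[1]))

    def allow_data(self, client, server, port):
        """True if the new connection matches an expectation; consumed on use."""
        key = (client, server, port)
        if key in self.expected:
            self.expected.discard(key)
            return True
        return False

if __name__ == "__main__":
    fw = FtpHelperModel()
    fw.control_opened("10.0.0.5", "192.0.2.10")
    fw.server_reply("10.0.0.5", "192.0.2.10", SAMPLE_REPLY)
    print(fw.allow_data("10.0.0.5", "192.0.2.10", 20556))  # announced port
    print(fw.allow_data("10.0.0.5", "192.0.2.10", 20557))  # neighbouring port
```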