What's the right way to configure the firewall without using system-config-security? I want to open a range of ports so I can provide passive FTp, but system-config-securitylevel requires you to specify ports one by one I think. Here is a good explanation of firewalls and passive FTP. Linkname: Active FTP vs. Passive FTP, a Definitive Explanation URL: http://slacksite.com/other/ftp.html It says the FTP server opens an arbitrary range of high ports that the client communicates through. And vsftpd allows you to specify a range with pasv_max_port and pasv_min_port. You can write directly to /etcs/sysconfig/iptables, but there is a prominent notice there saying that is not recommended. I also want to be able to use system-config-securitylevel to turn the firewall on and off and open ssh, ftp, http etc. I want to retain the use of it. system-config-securitylevel will probably wipe out the changes I make to /etc/sysconfig/securitylvel, won't it? -- Greg Matheson, Taiwan
