Re: FTP from iptables

From: John Jasen (jjasen1@umbc.edu)
Date: 09/26/01


Date: Wed, 26 Sep 2001 13:28:03 -0400
From: John Jasen <jjasen1@umbc.edu>
To: Derry Santoso <derry@ainet.co.id>
Subject: Re: FTP from iptables
Message-ID: <Pine.SGI.4.31L.02.0109261326480.6144732-100000@irix2.gl.umbc.edu>

On Wed, 26 Sep 2001, Derry Santoso wrote:

> [root@xxxxxx /root]# lsmod
> Module Size Used by
> ip_nat_ftp 3760 0 (unused)
> ipt_REJECT 2528 4 (autoclean)
> ipt_MASQUERADE 1712 1 (autoclean)
> iptable_nat 16160 1 (autoclean) [ip_nat_ftp ipt_MASQUERADE]
> ip_conntrack 15824 1 (autoclean) [ip_nat_ftp ipt_MASQUERADE
> iptable_nat]
> iptable_filter 2304 0 (autoclean) (unused)
> ip_tables 11072 6 [ipt_REJECT ipt_MASQUERADE iptable_nat
> iptable_filter]

Might need ip_conntrack_ftp as well.

I have the following:
Module Size Used by
ipt_limit 848 7
ipt_REJECT 1856 22
ipt_state 576 7
ipt_REDIRECT 736 0 (autoclean)
ipt_LOG 3088 5 (autoclean)
iptable_filter 1696 0 (autoclean) (unused)
ip_nat_ftp 3744 0 (unused)
iptable_nat 16192 1 [ipt_REDIRECT ip_nat_ftp]
ip_conntrack_ftp 2144 0 [ip_nat_ftp]
ip_conntrack 18688 3 [ipt_state ipt_REDIRECT ip_nat_ftp
iptable_nat ip_conntrack_ftp]
ip_tables 12512 9 [ipt_limit ipt_REJECT ipt_state ipt_REDIRECT ipt_LOG iptable_filter iptable_nat]

--
-- John E. Jasen (jjasen1@umbc.edu)
-- In theory, theory and practise are the same. In practise, they aren't.