We have a small office running a LAN with the usual masquerading and
forwarding that allows us to use 10.0.0.1/8 as our LAN, and a single IP as
the router outbound interface. The router is the Linux Firewall box, and
all the traffic *APPEARS* to be handled correctly, web pages and the like.
But one user needs access to an FTP server that requires non-passive FTP.
Can someone tell me how to set up a rule that will allow all of the random
data ports that FTP uses for things like "ls -al" and the like? FTP does
a PORT command to establish this sort of thing, from what I remember, but
it's totally random if I recall. *scratching head*. I don't want to
defeat the purpose of the firewall by just allowing oodles of ports to
willy-nilly be ACCEPTed.
And please, if you write, could you copy under email to irishboy at
Imadethis dot com? I'd really appreciate it. !!!!
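
Added example, not part of the original post: a Python sketch of how a protocol-aware NAT firewall can read the PORT command on the FTP control channel and permit only the one data connection it announces, rather than accepting a range of ports. The function names, the sample addresses, the chosen NAT port and the refusal of ports below 1024 are assumptions made for illustration.

```python
import ipaddress
import re

# RFC 959 PORT argument: h1,h2,h3,h4 is the IPv4 address, p1,p2 the port bytes.
PORT_RE = re.compile(r"^PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),"
                     r"(\d{1,3}),(\d{1,3})\r?\n?$", re.IGNORECASE)


def parse_port(line):
    """Return (IPv4Address, port) announced by a PORT command, or None."""
    m = PORT_RE.match(line)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None  # each field must fit in one byte
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return ip, nums[4] * 256 + nums[5]


def expectation(line, client_ip, server_ip, public_ip, nat_port):
    """Decide what to allow for one control-channel line sent by client_ip.

    Returns None (open nothing) or a dict describing the single inbound
    data connection to accept and the PORT command rewritten for NAT.
    """
    parsed = parse_port(line)
    if parsed is None:
        return None
    ip, port = parsed
    # Only open a path back to the host that sent the command, and never to
    # a privileged port (conservative choice made for this sketch).
    if ip != ipaddress.IPv4Address(client_ip) or port < 1024:
        return None
    return {
        # (source, destination, destination port) of the one flow to accept
        "allow": (server_ip, public_ip, nat_port),
        # where the router forwards that flow inside the LAN
        "dnat_to": (client_ip, port),
        # the server must see the router's public address, not 10.x.x.x
        "rewritten": "PORT %s,%d,%d\r\n" % (
            public_ip.replace(".", ","), nat_port // 256, nat_port % 256),
    }


if __name__ == "__main__":
    # Constructed sample: LAN client 10.0.0.23, documentation-range addresses.
    print(expectation("PORT 10,0,0,23,195,80\r\n",
                      "10.0.0.23", "198.51.100.20", "203.0.113.5", 40001))
```
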