From Bugzilla Helper: User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.19-7.0.1 i686) Description of problem: I have setup ipchains for my firewall. It works great except for ftp. Looking at the firewall setupscript provided by RH, I see that it needs kernel module ip_masq_ftp, which is nowhere to be found in the rpms. Does anyone know where it is. Or maybe a solution that works. How reproducible: Always Steps to Reproduce: 1. Setup ipchains firewall 2. Setup an internal network { with masq to do the nat for us } 3. Open up ftp port and data to the internal network { so that your internal users can use ftp to get files from sites }. Actual Results: I can connect to a site and see header information. But when i do a ls, I get a timeout. Also, in IE. Expected Results: List directory contents of website. Additional info:
There is no ip_masq_ftp module for the ipchains compatibility implementation in the 2.4.x kernels. Switch to iptables if you want protocol-specific masquerading again, or enable "passive mode" when using FTP. Alternatively, you may opt to run the 2.2.19-7.0.1 kernel from Red Hat Linux 7.0 any time. With a few exceptions that may be important to you, 7.1 is compatible with that one. So, iptables is the way to go...