Request for help: Debian firewall,
and maybe some kernelupgradetips
Don Erickson
derick at zeni.net
Sat Apr 16 07:51:43 CDT 2005
On Fri, 15 Apr 2005, Brian Kelsay wrote:
> ip_conntrack_ftp is a kernel module, but I'm not sure if it is on my firewall or not. A person could just check "lsmod" to see if it is loaded or "modprobe ip_conntrack_ftp" to initiate. Where in the kernel options is the support for this module? Under networking perhaps?
It's pretty buried in 2.6 -
-> Device Drivers
-> Networking support
-> Networking support (NET [=y])
-> Networking options
-> Network packet filtering (replaces ipchains) (NETFILTER
-> IP: Netfilter Configuration
My understanding of the ip_conntrack_ftp module is that it allows ftp
connections from masqueraded IPs. In fact, I know that it does this, I
don't know what else it might do. It is not necessary if you're ftp-ing
with a real internet IP address.
Regards
-Don
More information about the Kclug
mailing list