[Firehol-support] Errors when running firehol
Phil Whineray
phil at sanewall.org
Sat Jan 24 18:06:40 GMT 2015
On Sat, Jan 24, 2015 at 09:56:47AM -0800, Jason Miller wrote:
> On 09:32 Sat 24 Jan , Phil Whineray wrote:
> >
> > This command is successful for me:
> > /sbin/iptables -t filter -A OUTPUT -m conntrack --ctstate \
> > ESTABLISHED,RELATED -m helper --helper ftp -j ACCEPT
> >
> > I expect that the iptables command will fail for you with the same error
> > as reported via firehol.
> yup
> >
> > You can then try to see if it is conntrack / ftp helper / both:
> > /sbin/iptables -t filter -A OUTPUT -m conntrack --ctstate \
> > ESTABLISHED,RELATED -j ACCEPT
> works
> > /sbin/iptables -t filter -A OUTPUT -m helper --helper ftp -j ACCEPT
> >
> doesn't work; nf_conntrack_ftp is definitely loaded, see below
I see nf_nat_ftp is not in your list. I don't know for sure that is the
cause but could you try:
modprobe nf_nat_ftp
then re-do the iptables command.
Kind Regards
Phil
More information about the Firehol-support
mailing list