Hi All,

I have a problem with my firewall settings.

Currently, tproxy cannot work with FTP in active mode.

In my firewall settings, I have

        iptables -A INPUT -m tproxy -j ACCEPT    # Accept all traffic for tproxy??

        #### Default Drop everything in INPUT chain
        iptables -P INPUT DROP                   # NOTE the default DROP policy
        iptables -P OUTPUT ACCEPT

For Active FTP, my proxy server is listening on behalf of the connected client but somehow the FTP server cannot connect back due to the firewall DROP policy on INPUT.

What I want is to accept all tproxy traffic even with the default DROP policy.

Will iptables -A INPUT -m tproxy -j ACCEPT impose any security concerns?

Thanks very much for any help.
