Hi All, I have a problem with my firewall settings. Currently, tproxy cannot work with with FTP in active mode. In my firewall settings, I have ............ # Allow packets that belong to tproxy pass. iptables -A INPUT -m tproxy -j ACCEPT # Accept all traffic for tproxy?? #### Default Drop everything in INPUT chain iptables -P INPUT DROP # NOTE the default DROP policy iptables -P OUTPUT ACCEPT ......... For Active FTP, my proxy server is listening on behalf of the connected client but somehow the FTP server cannot connect back due to the firewall DROP policy on INPUT. What I want is to accept all tproxy traffic even with the default DROP policy. Will "iptables -A INPUT -m tproxy -j ACCEPT" impose any security concerns? Thanks very much for any help. TREND MICRO EMAIL NOTICE The information contained in this email and any attachments is confidential and may be subject to copyright or other intellectual property protection. If you are not the intended recipient, you are not authorized to use or disclose this information, and we request that you notify us by reply mail or telephone and delete the original message from your mail system.