From: iansolo <iansolo.netfilter@betisgroup.com>
To: netfilter@lists.netfilter.org
Subject: Re: ftp nat MAX PORTS
Date: Mon, 07 Feb 2005 12:42:18 +0100 [thread overview]
Message-ID: <4207541A.7030700@betisgroup.com> (raw)
In-Reply-To: <420100AF.1040105@betisgroup.com>
Hi,
somebody have understand my problem?
thanks
iansolo wrote:
> Hi All,
> I've a problem with ftpserver behind a NAT.
> My necessity is to run ftpserver in a different port then 21.
> This is the situation:
>
> Router
> |
> Firewall
> |
> Ftpserver
>
> I use this modules ad pass these parameters :
>
> /sbin/modprobe ip_tables
> /sbin/modprobe ip_conntrack
> /sbin/modprobe ip_conntrack_ftp ports=21,9000
> /sbin/modprobe iptable_nat
> /sbin/modprobe ip_nat_ftp ports=21,9000
> /sbin/modprobe ipt_MASQUERADE
> /sbin/modprobe ipt_state
>
> The realtive iptables rules are only these:
>
> $IPTABLES -t nat -A PREROUTING -p tcp -d $EXT_LAN_FW --dport 9000 -j NAT
> --to-destination $IP_FTPSERVER:9000
> $IPTABLES -A FORWARD -i $EXT_IF -p tcp --dport 9000 -j ACCEPT -d
> $IP_FTPSERVER
>
> Unfortunately don't work!
>
>
> VERY IMPORTANT :
>
> - All work fine is the port is 21!!
>
> - When I try to connect with my ftp-client(with port 9000), at a certain
> point I tray to send packets to local IP of firewall ($EXT_LAN_FW).....
>
> Others Questions:
>
> - In the source code of ip_conntrack_ftp there is a variable "MAX_PORTS",
> but I don't understand what mean...
> - What is "Patch-O-Matic" ?
>
>
> Thanks a lot in advance!
> iansolo
>
> ps: excuse me, my English is poor
>
>
>
>
> ________ Information from NOD32 ________
> This message was checked by NOD32 Antivirus System for Linux Mail Server.
> http://www.nod32.com
next prev parent reply other threads:[~2005-02-07 11:42 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-02-02 16:32 ftp nat MAX PORTS iansolo
2005-02-07 11:42 ` iansolo [this message]
2005-02-07 12:49 ` pom rpc and rsh patches Alexander Piavka
[not found] ` <bd35181c05020211473cb89b35@mail.gmail.com>
[not found] ` <4201D91A.5030500@betisgroup.com>
[not found] ` <200502081011.46026.luismnieto@gmail.com>
2005-02-08 13:54 ` ftp nat MAX PORTS iansolo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4207541A.7030700@betisgroup.com \
--to=iansolo.netfilter@betisgroup.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.