FTP access from outside - Dimitri Yioulos

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Dimitri Yioulos <dyioulos@firstbhph.com>
To: netfilter@lists.netfilter.org
Subject: FTP access from outside
Date: Thu, 5 May 2005 10:29:12 -0400	[thread overview]
Message-ID: <200505051029.12757.dyioulos@firstbhph.com> (raw)

Hello, colleagues.

I'm embarassed to ask for help on this (it should be trivial to set up), but 
I'm having no luck:

I'd like to enable FTP access to my web server, which is sitting in a DMZ, 
from outside.  I've add proftpd, and believe I've set it up properly.  I can 
access FTP from my LAN, but not from outside.  I've added the following rules 
to allow access:

-A FORWARD -p tcp -m tcp -d 192.168.1.3 -i eth0 -o eth2 --dport 21 -j ACCEPT
-A PREROUTING -p tcp -m tcp -d 67.x.x.x -i eth0 --dport 21 -j DNAT 
--to-destination 192.168.1.3
-A POSTROUTING -s 192.168.1.3 -o eth0 -j SNAT --to-source 67.x.x.x

where eth0 is public interface and eth2 is DMZ interface

What have I missed (or messed up)?

As always, thanks.

Dimitri

next             reply	other threads:[~2005-05-05 14:29 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-05-05 14:29 Dimitri Yioulos [this message]
     [not found] <200505051437.j45EbauW006066@eden.inf.ed.ac.uk>
2005-05-05 14:48 ` FTP access from outside Dimitri Yioulos
2005-05-05 15:06   ` Daniel Wittenberg
2005-05-05 15:18     ` Dimitri Yioulos
2005-05-06  9:37       ` Jörg Harmuth
     [not found] ` <d5e96bf205050604367aef4e3a@mail.gmail.com>
     [not found]   ` <d5e96bf205050604378818c3d@mail.gmail.com>
2005-05-06 11:47     ` Dimitri Yioulos

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=200505051029.12757.dyioulos@firstbhph.com \
    --to=dyioulos@firstbhph.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox