'Rif: Re:modprobe ip_nat_ftp strange problem - help please'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter
Subject:    Rif: Re:modprobe ip_nat_ftp strange problem - help please
From:       <andreagx () tin ! it>
Date:       2002-02-12 13:23:02
[Download RAW message or body]

yes, 
proftpd work direcly on a linux box! (10.0.0.5) , and respond with error 425 
m$ ftp work on nt server (10.0.0.2) , and work fine




my rules: 
# Generated by iptables-save v1.2.4 on Sat Feb  2 19:17:12 2002
*filter
:INPUT ACCEPT [9660:815597]
:FORWARD ACCEPT [456:111205]
:OUTPUT ACCEPT [9832:770299]
:tcp_packets - [0:0]
-A INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j LOG 
-A INPUT -p icmp -m icmp --icmp-type 8 -j DROP 
-A FORWARD -s 10.0.1.0/255.255.255.0 -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j DROP 
COMMIT
# Completed on Sat Feb  2 19:17:12 2002
# Generated by iptables-save v1.2.4 on Sat Feb  2 19:17:12 2002
*nat
:PREROUTING ACCEPT [8699:420737]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [59:4352]
-A PREROUTING -d 10.0.0.5 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.2:80 
-A PREROUTING -d 10.0.0.5 -p tcp -m tcp --dport 21 -j DNAT --to-destination 10.0.0.2:21 
-A PREROUTING -d 10.0.0.5 -p tcp -m tcp --dport 30 -j DNAT --to-destination 10.0.0.2:30 
-A PREROUTING -d 10.0.0.5 -p tcp -m tcp --dport 5800 -j DNAT --to-destination 10.0.0.2:5800 
-A PREROUTING -d 10.0.0.5 -p tcp -m tcp --dport 5900 -j DNAT --to-destination 10.0.0.2:5900 
-A POSTROUTING -j SNAT --to-source 10.0.0.5 
COMMIT
# Completed on Sat Feb  2 19:17:12 2002


> 
> Da: "Dharmendra.T" <dharmu@nsecure.net>
> Data: 12/02/2002 13:41
> A: andreagx@tin.it
> cc: netfilter <netfilter@lists.samba.org>
> Oggetto: Re:modprobe ip_nat_ftp strange problem - help please
> 
> 
> Have you allowed data connection (port 20) in your rules, if not allow 
> 
> 
> Hi, all
> I use modprobe ip_nat_ftp  and  I can connect my ftp NT ftp server on
> another ip (10.0.0.2)  - DNAT - , and work fine.
> 
> The problem is "proftpd" , i want to connect this ftp server directly on
> linuxbox on port 71 but the ftp respond with error :
> 425 Can't built data connection timed out
> 
> -- 
> Dharmendra.T
> Linux Security Expert
> www.nsecure.net
> 
> The content of this email message and any attachments are confidential and 
> may be legally privileged, intended solely for the addressee.  If you are not 
> the intended recipient, be advised that any use, dissemination, distribution, 
> or copying of this e-mail is strictly prohibited.  If you receive this 
> message in error, please notify the sender immediately by reply email and 
> destroy the message and its attachments.
> 


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic