[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: forwarding

Quoting Oswald Buddenhagen <ob6@inf.tu-dresden.de>:

> > Quick question as I haven't really used ipmasq that much.  What
> ipchains
> > rules would I add in order to have an ftpd running on port 5510 on
> > accessible from outside the internal network. I realize I have to
> forward
> > both 5510 and 5509 but I'm not sure how to go about it.
> >
> i don't know, if there are ways around it, but the masqerading-howto
> clearly states, that it is basically impossible to access hosts on the
> inner network from outside. masq-ing allows only outgoing connections.

IPMASQADM has a PORTFW "module" available.

These are the commands I'm using to forward ftp to an internal ftp server.
The FTP-DATA works typically in reverse direction of the control connection.

/usr/sbin/ipmasqadm portfw -a -P tcp -L 21 -R 21
/sbin/ipchains -A input -j ACCEPT -i eth1 -s -l -p tcp -d 

It works well for me, but of course I'm not using ftp on a different port.

John Kramer

Reply to: