Re: Ftp, Iptables and masquerade

To: fr ml <frml2@caramail.com>
Cc: debian-firewall@lists.debian.org
Subject: Re: Ftp, Iptables and masquerade
From: Sebastiaan <S.Breedveld@ITS.TUDelft.NL>
Date: Fri, 13 Jul 2001 10:18:24 +0200 (METDST)
Message-id: <[🔎] Pine.HPP.3.95.1010713101436.21784A-100000@elektron.its.tudelft.nl>
In-reply-to: <[🔎] 995011101010177@caramail.com>

On Fri, 13 Jul 2001, fr ml wrote:

> 
> Hello,
> 
> I've tried to masquerade my private Lan from the outside,
> but I've got problems for ftp (port 21).
> 
> At first, I've tried such a rule (where eth0 is private and
> eth1 public):
> iptables -t nat -A POSTROUTING -o eth1 -s private_lan
>  -d 0.0.0.0/0 -p tcp -m state
>  --state NEW,ESTABLISHED,RELATED -j MASQUERADE
> 
> 
> with no success, the packet send are quite masquerade, but
> the reply are still using the original non-masquerade ip
> address.
> 
Hello,

why do you not use the ftp modules ip_conntrack_ftp.o and ip_nat_ftp.o?
They come with the netfilter options in the kernel. Works fine.

Greetz,
Sebastiaan

Reply to:

References:
- Ftp, Iptables and masquerade
  - From: fr ml <frml2@caramail.com>

Prev by Date: Ftp, Iptables and masquerade
Next by Date: Re: help for a newbie
Previous by thread: Ftp, Iptables and masquerade
Next by thread: Re: Re[1] Ftp, Iptables and masquerade
Index(es):
- Date
- Thread