Redirecting ftp
Hi
I'm having a strange problem with a Pure-Ftpd-MySQL. I got a firewall that
also hosts ftp and an smtp-gateway, plus the FW redirects web and some other
ports to another server.
The firewall is on 10.0.0.0/24 and its outside IP is 10.0.0.2. The inside
is only one NIC, but it's divided into four.
¤ eth1 - 172.16.0.1/27 (DHCP,DNS,GATEWAY)
¤ eth1:1 - 172.16.0.4/27 (Ftp)
¤ eth1:2 - 172.16.0.4/27 (MAIL)
¤ eth1:3 - 172.16.0.33/29 (gateway for subnet)
My problem is when I try to connect to the ftpd-server from the outside. I
can connect to the server, and the ftpd-log confirms that the user is logged
in "[INFO] nogetfx is now logged in". But then the client, in this case
gftp, stalls. In gftp it's stuck at "Receiving file names...".
Part of the iptables-script:
PUBLIC='172.16.0.4'
WAN_IP='10.0.0.2'
# ¤¤¤ FTP ¤¤¤
iptables -t nat -A PREROUTING -d $WAN_IP -p udp --dport 20 -j DNAT --to $PUBLIC:21
iptables -t nat -A PREROUTING -d $WAN_IP -p tcp --dport 20 -j DNAT --to $PUBLIC:21
iptables -t nat -A PREROUTING -d $WAN_IP -p udp --dport 21 -j DNAT --to $PUBLIC:21
iptables -t nat -A PREROUTING -d $WAN_IP -p tcp --dport 21 -j DNAT --to $PUBLIC:21
iptables -A INPUT -p udp --dport 20 -d $PUBLIC -j ACCEPT
iptables -A INPUT -p tcp --dport 20 -d $PUBLIC -j ACCEPT
iptables -A INPUT -p udp --dport 21 -d $PUBLIC -j ACCEPT
iptables -A INPUT -p tcp --dport 21 -d $PUBLIC -j ACCEPT
BTW is udp necessary..?
/Lars