Re: problem with pasive MODE and NAT

To: fcastillo@hostgreen.com
Cc: debian-isp@lists.debian.org
Subject: Re: problem with pasive MODE and NAT
From: corne@themailconnexion.com
Date: Wed, 17 Nov 2004 08:14:22 -0500
Message-id: <[🔎] 1100697262.419b4eae5c2dc@www.themailconnexion.com>
In-reply-to: <[🔎] 36832.80.58.2.42.1100620362.squirrel@webmail.hostgreen.com>
References: <[🔎] 36832.80.58.2.42.1100620362.squirrel@webmail.hostgreen.com>

Try loading two additional netfilter modules to do conection tracking for your
ftp conection called "ip_conntrack_ftp" and "ip_nat_ftp" this should sort out
your problem

Regards
Corne Alberts
Information Architect


Quoting Francisco Castillo <fcastillo@hostgreen.com>:

> 
> Hello,
> 
> I has a proftpd server on a linux debian woody with a NAT sheeme. So my
> proftpd is listening on the 192.168.0.X private ip and my router has
> mapping the ports from 40000 to 40010 from the public ip to the
> 192.168.0.X ip in order to allow pasive port transfers from internet. So
> i has this config on my proftpd.conf
> 
> ....................
> # para el NAT
> MasqueradeAddress       217.00.00.214
> PassivePorts 40000 40010        # These ports should be safe
> 
> 
> but i has this problem:
> 
> when i connect from a cuteftp client from a 192.168.0.Y ip the client get
> the correct pasive port to get data (40000) from the proftpd server but
> if i try to access from a public client ip (with cuteftp too) the server
> said to get a aleatorious port and not in the range 40000-40010
> COMANDO:>	PASV
> 	227 Entering Passive Mode (217,00,00,214,238,235)).
> 
> 
> 238,235 = 238*256 + 235 != 40000-40010
> 
> so i ask
> 
> what could be happening?
> How could i solve my problem?
> 
> Thanks in advance.
> 
> -- 
> 
> Hostgreen,
> http://www.hostgreen.com
> fcastillo@hostgreen.com
> tlf. 678205316 - 952431313
> id msn - fcastillopinazo@hotmail.com
> 
> 
> -- 
> 
> Hostgreen,
> http://www.hostgreen.com
> fcastillo@hostgreen.com
> tlf. 678205316 - 952431313
> id msn - fcastillopinazo@hotmail.com
> 
> 
> -- 
> 
> Hostgreen,
> http://www.hostgreen.com
> fcastillo@hostgreen.com
> tlf. 678205316 - 952431313
> id msn - fcastillopinazo@hotmail.com
> 
> 
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> 
> 
> -- 
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
> MailScanner thanks transtec Computers for their support.
> 




-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
MailScanner thanks transtec Computers for their support.

Reply to:

References:
- problem with pasive MODE and NAT
  - From: "Francisco Castillo" <fcastillo@hostgreen.com>

Prev by Date: decent webmail software - does it exist?
Next by Date: Re: decent webmail software - does it exist?
Previous by thread: problem with pasive MODE and NAT
Next by thread: UNSUBSCRIBE
Index(es):
- Date
- Thread