I have this configuration: clients -- Internet -- Linux box -- private network -- router -- external network -- FTP server
The client must access the FTP server, which resides in a network out of my control. The FTP server has IP address PRIVATE_NAT.

My solution is: map the FTP server to PUBLIC_NAT on the Linux box; plus, masquerade the client connection to the FTP server as coming from the Linux box (so that the external network knows where to route the answers).

The Linux gateway is configured this way:

    ip route add nat PUBLIC_NAT via PRIVATE_NAT
    ip rule add prio 3000 from PRIVATE_NAT nat PUBLIC_NAT
    modprobe ip_masq_ftp
    ipchains -A forward -d PRIVATE_NAT -j MASQ

The problem is: passive FTP from a client to the server doesn't work. Is this a problem with ip_masq_ftp? Is there anything I can do to make it work?

William

