Just out of interest, what do the numbers mean in the line: *227 Entering Passive Mode (10,101,64,144,173,138)*
I can see the 10 101 64 144 is the IP address of the server, but what about the 173, 138 numbers? On Fri, Mar 12, 2010 at 2:07 PM, Aidan Diffey <[email protected]>wrote: > Sorry, that IP tables entry should have been: > > > *DNAT tcp -- anywhere anywhere tcp dpt:ftp > to:10.101.64.144:10121 > * > > > > On Fri, Mar 12, 2010 at 1:56 PM, Niklas Gustavsson > <[email protected]>wrote: > >> On Fri, Mar 12, 2010 at 2:46 PM, Niklas Gustavsson <[email protected]> >> wrote: >> > In these case, are you really running behind iptables? Because, it >> > struck me that since you map the ports, the client will try to connect >> > to the server on 10120 since that's what the server told him to do in >> > the response to the PASV command. He will not know to connect on port >> > 20. >> >> That being said, we currently support providing an "external" IP >> address for passive connection, for use when we're behind a NAT. But, >> we do not support providing an "external" port, for this kind of use. >> We surely could, if people are really interested in port mapping >> passive connections. I doubt it is that useful, but who knows :-) >> >> /niklas >> > >
