Hi, just subscribed to the iist, not had confirmation response yet, so i hope this gets through and i can see responses.
i've got haproxy 1.5 installed and working, and it's working well so far. i'm setting up a few servers to handle all our ftp, but in the meantime, i'm using haproxy to proxy ftp from specific ip's to specific servers. typical ftp listener in my haproxy.cfg: listen ubuntu-server-12-ftp bind 213.146.180.246:21 mode tcp bind-process 1 option tcplog balance leastconn server ubuntu-server-12 192.168.51.201:21 send-proxy check iptables rules on the load balancers: -A PREROUTING -d 213.146.180.246/32 -p tcp -m tcp --dport 6100:6200 -j DNAT --to-destination 192.168.51.201 -A POSTROUTING -s 192.168.51.201/32 -j SNAT --to-source 213.146.180.246 the server on 192.168.51.201 has the gateway address 192.168.51.1, which is the floating ip used between the two haproxy servers. the haproxy servers default route for 0.0.0.0/0 is our firewall this is all working fine for external ftp access. i've configure proftpd with the required defaultaddress, masqueradeaddress, passive port range etc. however, i've now found out i'm also required to allow ftp use FROM this server to external ftp servers. however when i try to ftp out, i can connect to a server and login, but can't do anything else: Connected to ftp.*****.com. 220 Welcome to the ******* FTP service. Name (ftp.****.com:root): p******* 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 500 Illegal PORT command. ftp: bind: Address already in use ftp> dir 500 Illegal PORT command. ftp> pwd 257 "/" ftp> what do i need to do to get this working? thanks lee.