RE: [Leaf-user] FTP port forwarding does not work. HELP !

Reginald R. Richardson Tue, 04 Dec 2001 10:00:45 -0800

Are u by chance using the PPPOE.LRP...

I realize that u're using wanadoo.nl, coincidently I have the same provide,
and for no good reason I can get the Port Forwarding to work, I tried it for
POP3 and SMTP, but I ain't lucky as yet, I was starting to think that
wanadoo, didn't allow incoming SMTP e-mail, like Planet, for my ADSL
connection via PLANENT, I have the portforwarding working on Smooth Wall, to
my Exchange Server without any problems, only that my DYNDNS has to send the
mail to a backup mail exchange at Planet, but I like this idea, incase my
connection is down, I know that my mail won't be bounce back to the sender..


But if u figure out how to get the portforwarding working on wanadoo.nl
please let me know..
After testing for some 2 weeks, I gived up..

-----Original Message-----
From: Maxim Heijndijk [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, December 04, 2001 18:39
To: Leaf-user Mailing List
Subject: [Leaf-user] FTP port forwarding does not work. HELP !


I have a dachstein-rc2 firewall PPTP-ADSL setup. I cannot get port
forwarding to work. My interfaces are: eth0 (10.0.0.100) which is connected
to an ADSL modem at 10.0.0.138. The external if is eth1 at 192.168.1.1 ,with
a built in hub which connects to the internal network 192.168.1.2,
192.168.1.3, 192.168.1.4. The pptp connection creates a ppp0 interface at a
semi-dynamic IP adress (when I switch off the modem, the ip-adress could be
changed. I hardly ever switch off the modem.) The FTP server is at
192.168.1.4. I can connect to it locally, but when I try to connect to it
via the ppp0 interface the connection is started but it hangs forever. When
I switch on SNMP_BLOCK=YES the connection is refused. The ip_masq_ftp and
ip_masq_portfw are loaded at boot together with all interfaces, but the ppp0
interface is started later on.

Some of my network.conf settings:

###########################
VERBOSE=YES
MAX_LOOP=10
IPFWDING_KERNEL=YES
IPALWAYSDEFRAG_KERNEL=YES
CONFIG_HOSTNAME=YES
CONFIG_HOSTSFILE=YES
CONFIG_DNS=YES

IF_AUTO="eth0 eth1"
IF_LIST="$IF_AUTO"

ALLIF_ACCEPT_REDIRECTS=NO
DEF_IP_SPOOF=YES
DEF_IP_KRNL_LOGMARTIANS=YES

BRG_SWITCH=NO
BRG_EXEMPT_PROTOS=""

eth0_IPADDR=10.0.0.100
eth0_MASKLEN=8
eth0_BROADCAST=10.0.0.255
eth0_IP_SPOOF=YES
eth0_IP_KRNL_LOGMARTIANS=YES

#GATEWAY is added by pppd
#eth0_DEFAULT_GW=0.0.0.0

eth1_IPADDR=192.168.1.1
eth1_MASKLEN=24
eth1_BROADCAST=192.168.1.255
eth1_IP_SPOOF=YES
eth1_IP_KRNL_LOGMARTIANS=YES

IPFILTER_SWITCH=firewall

# I DON'T KNOW WHAT TO DO WITH THIS:
SNMP_BLOCK=NO
SNMP_MANAGER_IPS="192.168.1.4"
MRK_CRIT=1
MRK_IA=2


EXTERN_IF="ppp0"
EXTERN_DHCP=YES
IF_DHCP=$EXTERN_IF
EXTERN_DYNADDR=NO
EXTERN_UDP_PORTS="0/0_domain 0/0_bootpc"
#If i set EXTERN_DHCP to NO, ipchains complains about host/port not found.
EXTERN_TCP_PORTS="0/0_ftp"

INTERN_IF="eth1"
INTERN_NET="192.168.1.0/24 10.0.0.0/8"
INTERN_IP=192.168.1.1
MASQ_SWITCH=YES


INTERN_FTP_SERVER=192.168.1.4


HOSTNAME=deflector.positronic.net

HOSTS1="# External network (eth0)"
HOSTS2="10.0.0.100   defiant.outbound.net      defiant"
HOSTS3="10.0.0.138   modem.outbound.net        modem"
HOSTS4="#"
HOSTS5="# Internal network (eth1)"
HOSTS6="192.168.1.1  deflector.positronic.net  deflector"
HOSTS7="192.168.1.2  holodeck.positronic.net   holodeck"
HOSTS8="192.168.1.3  shuttlebay.positronic.net shuttlebay"
HOSTS9="192.168.1.4  warpcore.positronic.net   warpcore"
HOSTS10="# Local network (lo)"

DOMAINS="wanadoo.nl"

DNS0=194.134.5.5
DNS1=194.134.0.97
######################################

This is some output of nmap on ppp0:

#######################################
Adding TCP port 80 (state open).
Adding TCP port 1023 (state open).
For OSScan assuming that port 80 is open and port 1 is closed and neither
are firewalled Interesting ports on xxxxx.adsl.wanadoo.nl (xxxxxx): (The
1539 ports scanned but not shown below are in state: closed)
Port       State       Service
21/tcp     filtered    ftp                     
80/tcp     open        http                    
1023/tcp   open        unknown                 

Remote operating system guess: Linux 2.1.122 - 2.2.16
Uptime 0.040 days (since Tue Dec  4 17:27:12 2001)
TCP Sequence Prediction: Class=random positive increments
                         Difficulty=1616821 (Good luck!)
IPID Sequence Generation: Incremental
##################################################

Weblet shows this:

prot localaddr            rediraddr               lport    rport  
TCP  192.168.254.254      192.168.1.4                21       21  


and:

               pkts bytes target     prot opt    tosa tosx  ifname     mark

                  0     0 DENY       icmp ----l- 0xFF 0x00  *

                  0     0 DENY       icmp ----l- 0xFF 0x00  *

                  0     0 DENY       icmp ----l- 0xFF 0x00  *


                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0


                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0


                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0


                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0


                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 REJECT     all  ----l- 0xFF 0x00  ppp0

                  0     0 REJECT     all  ----l- 0xFF 0x00  ppp0


                  0     0 REJECT     all  ----l- 0xFF 0x00  ppp0

                  0     0 REJECT     tcp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     tcp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     udp  ------ 0xFF 0x00  ppp0


                  0     0 REJECT     udp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     tcp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     udp  ------ 0xFF 0x00  ppp0


                  0     0 REJECT     udp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     udp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     tcp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     tcp  ------ 0xFF 0x00  ppp0


                  0     0 ACCEPT     tcp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     tcp  ------ 0xFF 0x00  ppp0

                 69 21404 ACCEPT     tcp  ------ 0xFF 0x00  ppp0

                  0     0 ACCEPT     udp  ------ 0xFF 0x00  ppp0


                  0     0 ACCEPT     udp  ------ 0xFF 0x00  ppp0

                  0     0 DENY       udp  ------ 0xFF 0x00  ppp0

                  6  1200 ACCEPT     udp  ------ 0xFF 0x00  ppp0


                  1    84 ACCEPT     icmp ------ 0xFF 0x00  ppp0

                  0     0 ACCEPT     ospf ------ 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                238 37872 ACCEPT     all  ------ 0xFF 0x00  *


              Chain forward (policy DENY: 0 packets, 0 bytes):
               pkts bytes target     prot opt    tosa tosx  ifname     mark

                  0     0 DENY       icmp ----l- 0xFF 0x00  *

                 76  5502 MASQ       all  ------ 0xFF 0x00  ppp0


                  0     0 MASQ       all  ------ 0xFF 0x00  ppp0

                  0     0 DENY       all  ------ 0xFF 0x00  *

              Chain output (policy DENY: 0 packets, 0 bytes):

               pkts bytes target     prot opt    tosa tosx  ifname     mark

                361 43139 fairq      all  ------ 0xFF 0x00  *

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0


                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0


                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0


                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0

                  0     0 DENY       all  ----l- 0xFF 0x00  ppp0


                  0     0 DENY       all  ------ 0xFF 0x00  ppp0

                  0     0 DENY       all  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     tcp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     tcp  ------ 0xFF 0x00  ppp0


                  0     0 REJECT     udp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     udp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     tcp  ------ 0xFF 0x00  ppp0


                  0     0 REJECT     udp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     udp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     udp  ------ 0xFF 0x00  ppp0

                  0     0 REJECT     tcp  ------ 0xFF 0x00  ppp0


                  0     0 REJECT     tcp  ------ 0xFF 0x00  ppp0

                361 43139 ACCEPT     all  ------ 0xFF 0x00  *

              Chain fairq (1 references):
               pkts bytes target     prot opt    tosa tosx  ifname     mark


                  0     0 RETURN     ospf ------ 0xFF 0x00  *          0x1

                  0     0 RETURN     ospf ------ 0xFF 0x00  *          0x1

                  0     0 RETURN     udp  ------ 0xFF 0x00  *          0x1


                  0     0 RETURN     udp  ------ 0xFF 0x00  *          0x1

                  0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x1

                  0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x1

                  0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x1


                  0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x1

                  6   409 RETURN     udp  ------ 0xFF 0x00  *          0x1

                  6  1200 RETURN     udp  ------ 0xFF 0x00  *          0x1

                  0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x2


                  0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x2

                  0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x2

                  0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x2

 
and also:
                                                                  ::
Interfaces 
              1: lo:  mtu 3924 qdisc noqueue

                  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
                  inet 127.0.0.1/8 brd 127.255.255.255 scope global lo
              2: brg0:  mtu 1500 qdisc noop
                  link/ether fe:fd:0d:00:07:6e brd ff:ff:ff:ff:ff:ff

              3: eth0:  mtu 1500 qdisc pfifo_fast qlen 100
                  link/ether 00:80:5f:84:2e:ea brd ff:ff:ff:ff:ff:ff
                  inet 10.0.0.100/8 brd 10.0.0.255 scope global eth0

              4: eth1:  mtu 1500 qdisc pfifo_fast qlen 100
                  link/ether 00:20:18:3b:87:dc brd ff:ff:ff:ff:ff:ff
                  inet 192.168.1.1/24 brd 192.168.1.255 scope global eth1
              6: ppp0:  mtu 1500 qdisc pfifo_fast qlen 10

                  link/ppp
                  inet 194.134.195.252 peer 195.190.240.193/32 scope global
ppp0


                                                                    ::
Routes ::
              Kernel IP routing table

              Destination     Gateway         Genmask         Flags Metric
Ref  
              195.190.240.193 0.0.0.0         255.255.255.255 UH    0      0

              192.168.1.0     0.0.0.0         255.255.255.0   U     0      0

              10.0.0.0        0.0.0.0         255.0.0.0       U     0      0


              0.0.0.0         195.190.240.193 0.0.0.0         UG    0      0


                                                                   ::
Statistics

              Inter-|   Receive
|
               face |bytes    packets errs drop fifo frame compressed
multicast|

                  lo:       0       0    0    0    0     0          0
0 
                brg0:       0       0    0    0    0     0          0
0 
                eth0:  604081    1087    0    0    0     0          0
0 
                eth1:  122782     929    0    0    0     0          0
72 

                ppp0:  624214     675    0    0    0     0          0
0 


Can somebody help me out ? TIA.

-- 
Best regards, M@X.

* Climate Control Psychedelic Soundscapes - http://go.to/cchq/
* Linux Shell Scripts & RPM Software Packages - http://go.to/conmen/

_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user

_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user

RE: [Leaf-user] FTP port forwarding does not work. HELP !

Reply via email to