On Sunday 26 May 2002 17:02, you wrote: > Zdraveite vsichki. > > Naskoro mi se sluchi da configuriram edin server na edin priatel i s > iznenada razbrah che dostavchika mu e filtriral port 21 i veroiatno i port > 20. > > Taka che sichki mashini zad toia server ne mogat da dostypvat do ftp. > > Pomislih malko i reshih da prekaram vsichki ftp packeti presz drug server > na koito sym pusnal ftp proxy na port 3128. > > Eto kak go napravih: > > iptables -A PREROUTING -t nat -p tcp -s local.net.addre.ss -d 0.0.0.0/0 > --dport 21 -j DNAT --to ftp.proxy.addre.ss:3128 > > > Spored ochakvaniata mi tova triabvashe da sraboti no reszultatyt e > slednia. > > C:\WINDOWS>ftp ftp.cdrom.com > Connected to wcarchive.cdrom.com. > > I do tuk umira sled koeto dava timeout
opitva da pravi active ftp session, opitaj s passive, tovaga ftp clienta iniciira connection-a, a ne kakto e pri active server-a da upload-va kym clienta, i v slu4aq ne mozhe da go dostypne stoto e nat-van. > Interesnoto e che ako sloja na brousera tova ftp proxy sichko si bachka. stoto browser-a po default pravi passive ftp session ;-) > Neshto propuskam li ? v kernel-a na NAT box-a support za FTP connection tracking. [ftp conn track helper - built-in ili module] demek CONFIG_IP_NF_FTP pri NAT-vani machini tova se iziskava (helpers) za FTP, DCC pri IRC i nqkoj drugi po-specialni protokoli ot tova visoko nivo. RealAudio ? -- Greets, fr33zb1 ============================================================================ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html ============================================================================
