/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
James D. Silliman wrote:
> I tried using the port command on the ftp_masq_module, like so. I still get
> the hangs that Engstrom got using any port but 21. Some ftp servers allow
> you to specify a passive range of ports, but that didn't help either. G6 is
> one of these ftp server programs that does.
>
> FW_IP=216.19.163.7
> FW_PORT=2000, 2001, 2002, 2003, 2004, 2005, 2006
first thing: you can't specify an environment variable like this.
either put quotes around it or remove all the spaces. i'm surprised
you didn't get a shell syntax error when you executed this line.
second thing: i think you have to remove the spaces for the ftp module.
so change it to:
FW_PORT="2000,2001,2002,2003,2004,2005,2006"
raf
> INT_IP=192.168.0.7
> INT_PORT=21
>
> export PATH=/usr/sbin:/sbin:$PATH
> modprobe ip_masq_portfw debug=0
> ipmasqadm portfw -f
> ipmasqadm portfw -a -P tcp -L $FW_IP $FW_PORT -R $INT_IP $INT_PORT
this won't work either. you can't specify multiple ports after -L.
do it in a loop with one ipmasqadm command per port.
> ipmasqadm portfw -l -n
> rmmod ip_masq_ftp
> modprobe $* ip_masq_ftp ports=$FW_PORT
can you do modprobe twice? i'd ditch the one at the top and put this
one in its place.
> ----- Original Message -----
> From: "raf" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Wednesday, July 18, 2001 8:57 PM
> Subject: Re: [Masq] ipchains and FTP Server
>
> > [EMAIL PROTECTED] wrote:
> >
> > > While we're at it though...I have my own question that I can't seem to
> get
> > > an answer to. I have an internal server that I am trying to portforward
> ftp
> > > traffic to and it's not working. I think because I'm sending traffic
> from
> > > port 2001 to the internal server and missing out on the ftp data that's
> > > going to port 20. Does anyone know how to do this. Basically I just
> need
> > > to forward data through my server to the internal ftp-server, BUT I
> can't
> > > use ports 20 or 21, since I have an anonymous ftp server running on
> those
> > > ports.
> > >
> > > any help would be appreciated.
> > >
> > > carl
> >
> > i thought (but i could be wrong) all you had to do was load
> > the ip_masq_ftp module with an argument like port=2001
> > (it might be ports=2001) and it would take care of the
> > data channel. are you doing this?
> >
> > raf
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
