Hello everyone,

I have a firewall configured to forward port 80 traffic to an internal machine. I was wondering if the same thing is possible with FTP traffic. The rules I am using are as follows:

iptables -A PREROUTING -t nat -i EXTINF -p tcp -d 1.2.3.4 --dport 21 -j DNAT --to 192.168.2.5:21
iptables -A FORWARD -i EXTINF -p tcp -d 192.168.2.5 --dport 21 -j ACCEPT
iptables -A FORWARD -i EXTINF -o INTIF -p tcp --dport 21 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -i EXTINF -p tcp --dport 21 -d 1.2.3.4 -j DNAT --to-destination 192.168.2.5:21
iptables -t nat -A POSTROUTING -o INTIF -p tcp --dport 21 -d 192.168.2.5 -j SNAT --to-source 192.168.2.254

I can connect to the FTP server but then I cannot establish a data channel between the client and the server.

Any help would be appreciated. If you want to see output of anything I can include it.

Thanks
Travis Crook
Visions Beyond
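
An added example, not part of the original post: in passive mode the FTP server names the data endpoint inside the control channel, so with only port 21 forwarded the client can be handed the internal address and a port no rule covers, which matches the symptom above. The script decodes a 227 reply and compares it with the public address; the function names and the sample reply are constructed for illustration. Netfilter's FTP connection-tracking and NAT helper modules exist to track and rewrite exactly this reply.

```shell
#!/bin/sh
# Added example: inspect the endpoint an FTP server advertises for the data channel.

# pasv_endpoint "<227 reply>" -> prints "ip:port"; returns 1 if malformed.
pasv_endpoint() {
    # Keep the six comma-separated numbers between the parentheses.
    fields=$(printf '%s\n' "$1" | sed -n 's/^227 .*(\([0-9,]*\)).*$/\1/p')
    [ -n "$fields" ] || return 1
    old_ifs=$IFS; IFS=,
    set -- $fields
    IFS=$old_ifs
    [ $# -eq 6 ] || return 1
    for n in "$@"; do
        [ -n "$n" ] && [ "$n" -le 255 ] || return 1
    done
    # The port travels as two bytes: high * 256 + low.
    printf '%s.%s.%s.%s:%s\n' "$1" "$2" "$3" "$4" $(( $5 * 256 + $6 ))
}

# is_rfc1918 "a.b.c.d" -> returns 0 for 10/8, 172.16/12 and 192.168/16.
is_rfc1918() {
    case $1 in
        10.*|192.168.*) return 0 ;;
        172.*) o2=${1#172.}; o2=${o2%%.*}
               [ "$o2" -ge 16 ] && [ "$o2" -le 31 ] ;;
        *) return 1 ;;
    esac
}

# check_pasv "<227 reply>" "<public ip>" -> one-line verdict.
check_pasv() {
    ep=$(pasv_endpoint "$1") || { echo "unparseable"; return 2; }
    ip=${ep%:*}
    if [ "$ip" = "$2" ]; then
        echo "ok $ep"                    # reply already names the public address
    elif is_rfc1918 "$ip"; then
        echo "internal $ep"; return 1    # client is told to dial a private address
    else
        echo "mismatch $ep"; return 1
    fi
}

# Constructed sample: what the server behind the DNAT rule above could send.
SAMPLE_REPLY='227 Entering Passive Mode (192,168,2,5,195,80)'
check_pasv "$SAMPLE_REPLY" 1.2.3.4 || true
```
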
