Is that correct ? Am I not the only one who thinks the instructions for NATing FTP are V.contradictory ?
ps. This is NOT a flame I think IPTABLES is excellent... My firewall did have : modprobe ip_conntrack modprobe ip_conntrack_ftp This worked for some FTP connections but not for others.. I've now added : modprobe ip_nat_ftp to see if that helps. Is their some clear documentation on FTP NAT somewhere ? Axel Heinrici wrote: >Hi >On Thursday 13 June 2002 11:58, Payal wrote: > > >>Hi, >>As I said earlier I am using Mdk Linux 8.2 with kernel 2.4.18. I >>am trying to shift from ipchains to iptables for a simple reson >>that I cannot connect to one particular ftp site where >>ip_masq_ftp was required in earlier versions of kernel. Now this >>module is no longer available. So, I have to shift to iptables >>since connecting to that site is really imp. >>But I am having a problem. I read briefly NAT and iptables HOWTOs >>and decided the rule, >>iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE >> >>My loaded modules by lsmod include, >>ipt_MASQUERADE 1504 5 (autoclean) >>iptable_mangle 2336 0 (autoclean) (unused) >>iptable_nat 15988 1 (autoclean) [ipt_MASQUERADE] >>ip_conntrack 15180 1 (autoclean) [ipt_MASQUERADE >>iptable_nat] iptable_filter 1952 0 (autoclean) >>ip_tables 11584 6 [ipt_MASQUERADE iptable_mangle >>iptable_nat iptable_filter] >> >> > >You will also need the modules ip_conntrack_ftp.o ip_nat_ftp.o. >Otherwise you will not succeed in doing active FTP. > >greetings > Axel > > -- Regards, Malcolm Turnbull IT Manager Crocus.co.uk Ltd 01344 629661 07715 770523 http://www.crocus.co.uk/
