[rlug] Re: NAT FTP

Tue, 17 May 2005 02:23:01 -0700 

am incercat deja asta, pb e ca-mi mor pe forward...sau cel putin asa
zice el... uite ce-am la forward
---------
-A FORWARD -p tcp -j bad_tcp_packets
-A FORWARD -i $LAN_IFACE -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

si bad_tcp_packets
----------
-A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j LOG \
--log-prefix "New not syn:"
-A bad_tcp_packets -p tcp ! --syn -m state --state NEW -j DROP
---------

uite ce zice logu'

----------
May 17 12:11:49 gate IPT FORWARD packet died: IN=eth1 OUT=eth0
SRC=213.157.x.x DST=192.168.200.x LEN=60 TOS=0x00 PREC=0x00 TTL=53
ID=7247 DF PROTO=TCP SPT=1075 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
May 17 12:11:50 gate Incoming FTP: IN=eth1 OUT=
MAC=00:50:da:1b:76:0d:00:90:d0:af:7f:f5:08:00 SRC=213.157.x.x
DST=10.0.0.10 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=26387 DF PROTO=TCP
SPT=1076 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
May 17 12:11:50 gate IPT FORWARD packet died: IN=eth1 OUT=eth0
SRC=213.157.x.x DST=192.168.200.x LEN=60 TOS=0x00 PREC=0x00 TTL=53
ID=26387 DF PROTO=TCP SPT=1076 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
May 17 12:11:53 gate Incoming FTP: IN=eth1 OUT=
MAC=00:50:da:1b:76:0d:00:90:d0:af:7f:f5:08:00 SRC=213.157.x.x
DST=10.0.0.10 LEN=60 TOS=0x00 PREC=0x00 TTL=54 ID=26388 DF PROTO=TCP
SPT=1076 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
May 17 12:11:53 gate IPT FORWARD packet died: IN=eth1 OUT=eth0
SRC=213.157.x.x DST=192.168.200.x LEN=60 TOS=0x00 PREC=0x00 TTL=53
ID=26388 DF PROTO=TCP SPT=1076 DPT=21 WINDOW=5840 RES=0x00 SYN URGP=0
--------------



----- Original Message -----
From: "Andras Babos" <[EMAIL PROTECTED]>
To: <[email protected]>
Sent: Tuesday, May 17, 2005 11:24 AM
Subject: [rlug] Re: NAT FTP


> Pune asta in iptables
>
> A PREROUTING -d 10.0.0.y -p tcp -m tcp --dport 21 -j
DNAT --to-destination
> 192.168.x.x
> -A POSTROUTING -s 192.168.x.x -p tcp -m tcp --dport 21 -j
SNAT --to-source
> 10.0.0.y
>
> ----- Original Message -----
> From: "Catalin Farcasanu" <[EMAIL PROTECTED]>
> To: <[email protected]>
> Sent: Tuesday, May 17, 2005 11:15 AM
> Subject: [rlug] NAT FTP
>
>
> > problema e urmatoarea
> >
> > localnet-------------eth0(linux)eth1-----------eth0(router)------
> > internet
> > 192.169.x.x       192.169.x.y / 10.0.0.x          10.0.0.y
> > 86.x.x.x
> >
> >
> > serverul de ftp il am in localnet si trebuie sa ajung la el. am
incercat
> > mai multe variante dar nu mi-a mers nici una.
> >
> > default router-ul face nat la tot la 10.0.0.x. am incercat sa fac un
nat
> > de la 10.0.0.x la adresa mea din localnet dar nu mi-a functionat de
nici
> > o culoare. am incercat sa fac nat din router direct catre adresa
locala,
> > dar nici asta nu a functionat. probabil ca gresesc ceva si la
momentul
> > asta nu-mi dau seama ce anume.
> >
> > sugestii?
> >
> >
> > ---
> > Detalii despre listele noastre de mail: http://www.lug.ro/
> >
> >
> >
> >
> > --
> > This message was scanned for spam and viruses by BitDefender
> > For more information please visit http://linux.bitdefender.com/
>
>
> --
> This message was scanned for spam and viruses by BitDefender
> For more information please visit http://linux.bitdefender.com/
>
>
> ---
> Detalii despre listele noastre de mail: http://www.lug.ro/
>


--- 
Detalii despre listele noastre de mail: http://www.lug.ro/

Raspunde prin e-mail lui