Hello,
I have done some more digging into the kernel code to try to understand
what is happening. I noticed that in net/netfilter/nf_nat_ftp.c, the
expectfn on the FTP data connection expectation is set to
nf_nat_follow_master().
I was wondering about the purpose of this function? Could it b
Hi Pablo,
Thank you for getting back to me. Also thanks for pointing me to
libnetfilter_conntrack, I will definitely have a look.
I am using kernel 4.1.39 and the issue can be reproduced with the
following ruleset on the Proxy host:
iptables -t nat -A POSTROUTING -j MASQUERADE
iptables -t man
Hi Gregory,
On Tue, Feb 06, 2018 at 03:40:20PM +0100, Gregory Vander Schueren wrote:
> Hello,
>
> I have the following IPv4 network:
>
> FTPClient <-> Proxy <--> FTPServer.
> 10.0.0.2 10.0.0.1 1.1.1.11.1.1.2
>
> FTPClient connects to FTPServer
Hello,
I have the following IPv4 network:
FTPClient <-> Proxy <--> FTPServer.
10.0.0.2 10.0.0.1 1.1.1.11.1.1.2
FTPClient connects to FTPServer in PASSIVE mode, meaning the FTPClient
initiates the data connection towards FTPServer. Proxy perfor