Greg,

Thanks for your help here - I will try that tomorrow. I hope it works out, but I believe there might be something else there...

See, I thought that the 'data' connection on FTP was not needed to just log in to the FTP server - I know that the port 20 connection will be used for data transfer (GET/PUT) and to list files in response to a DIR command, but I believe it should not be required to just log in to the server. If I only map port 21, I would expect to have an error when trying to transfer, but I should still be able to just log in...

Also, if I might need to perform proxy FTP transfers, do I need to map the inverse routes so the FTP server can see my desktop?

Thanks,
Carlos-


Greg Brown wrote:


FTP requires both ports 20 and 21. Create a new line in your iptables script to forward port 20 as well and you should be good to go.

Greg

On Sunday, August 3, 2003, at 09:43 AM, Carlos J. Cela wrote:

Hi,

I have a network configuration with two segments, one connected using ethernet and the other using fibre-channel. Only one machine is connected to both network segments, a RedHat 8 with 2.4.20 kernel - ifconfig will list the fc adapter just as another NIC.

What I am trying to do is to access an FTP server located on a machine in the fibre-channel segment from my desktop (WinXP), which is connected to the ethernet LAN segment.

I have created an alias of the ethernet card of the Linux box, and my intention was for that alias to redirect all incoming requests to the FTP server on the other segment, by:

#setup an alias for the ethernet card
ifconfig eth0:0 192.168.200.247 up

#Enable IP forwarding in the kernel
echo "1" > /proc/sys/net/ipv4/ip_forward

#Translated address of alias (247) to FC card, so I can FTP from my remote PC
iptables -t nat -A PREROUTING -p tcp -d 192.168.200.247 --dport 21 -j DNAT --to 192.168.201.11


Where 192.168.201.11 is the actual IP of the FTP server, and 192.168.200.247 is the IP to access it from the ethernet side. For some reason this is only partially working - I get an 'ftp unknown error' when trying to connect. I know that the packets are being redirected because if not it would connect to the local FTP server on the Linux box... I am new to iptables. Is this the right way to go here? What am I missing? Help?

Thanks-
Carlos

--
TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug
TriLUG Organizational FAQ : http://trilug.org/faq/
TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
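
Added example, not part of either poster's message: the login exchange on port 21 carries no addresses, but the data channel is negotiated in-band with PORT commands and 227 replies that embed an IP and port in the payload, which a DNAT rule on port 21 alone does not rewrite. The sketch below parses a constructed control-channel transcript and flags announcements whose address differs from the one the peer actually uses; the desktop address 192.168.200.50 and the session lines are assumptions.

```python
import re

NAT_ALIAS = "192.168.200.247"   # address the desktop dials (from the thread)
CLIENT_IP = "192.168.200.50"    # assumed desktop address (constructed)

# Constructed control-channel transcript; the real server is 192.168.201.11.
SESSION = [
    "S: 220 FTP server ready",
    "C: USER carlos",
    "S: 331 Password required",
    "C: PASS ********",
    "S: 230 User logged in",
    "C: PASV",
    "S: 227 Entering Passive Mode (192,168,201,11,195,80)",
    "C: PORT 192,168,200,50,4,1",
    "S: 200 PORT command successful",
]

_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def parse_hostport(text):
    """Return (ip, port) from a PORT command or a 227 reply, else None."""
    words = text.split(None, 1)
    if not words or words[0].upper() not in ("PORT", "227"):
        return None
    m = _HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        return None
    # h1,h2,h3,h4 is the IPv4 address; the port is p1*256 + p2.
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def data_channels(session, client_ip, dialed_ip):
    """List (mode, ip, port, consistent) for every data-channel announcement."""
    found = []
    for line in session:
        side, _, text = line.partition(": ")
        hostport = parse_hostport(text)
        if hostport is None:
            continue
        ip, port = hostport
        if side == "S":   # passive: the client must open a connection to ip:port
            found.append(("passive", ip, port, ip == dialed_ip))
        else:             # active: the server connects from its port 20 to ip:port
            found.append(("active", ip, port, ip == client_ip))
    return found

if __name__ == "__main__":
    for row in data_channels(SESSION, CLIENT_IP, NAT_ALIAS):
        print(row)
```

A "consistent" active-mode entry still requires that the server can route back to the desktop and that the forwarding box passes the connection from port 20. The netfilter FTP helpers (ip_conntrack_ftp and ip_nat_ftp on 2.4 kernels) exist to track and rewrite these in-band addresses.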



