Problem with masqueraded ftp
=?iso-8859-1?Q?Andr=E9?= Feld
feld@comnets.rwth-aachen.de
Thu, 21 Oct 1999 15:25:59 +0200
Hi all,
I just recently installed Kernel 2.3.18 and netfilter 1.10 on my router.
The router is connected via an ADSL/ATM line to the internet. I also
included the ftp-modules as specified in the Quickstartpage
http://www.samba.org/netfilter/QUICKSTART
But it is not posible to establish a correct active ftp connection from
a computer inside my private network. From the router active ftp
connections work fine, because there ist no masquerading neccessary.
For internal machines the connection establishment works up to the
password dialog and the following prompt. During this connection
establisment I get the folowing log entrys:
Oct 21 15:15:29 david kernel: ip_conntrack_ftp_help: no match
Oct 21 15:15:36 david last message repeated 15 times
When executing a command e.g. an "ls" I get the log entrys:
Oct 21 15:15:46 david kernel: ip_conntrack_ftp_help: match
Oct 21 15:15:46 david kernel: nf_iterate: NF_DROP for c1095560.
Oct 21 15:15:46 david kernel: ip_conntrack_ftp_help: match
Oct 21 15:15:46 david kernel: nf_iterate: NF_DROP for c1095b60.
Oct 21 15:15:47 david kernel: ip_conntrack_ftp_help: match
Oct 21 15:15:47 david kernel: nf_iterate: NF_DROP for c1095aa0.
Oct 21 15:15:48 david kernel: ip_conntrack_ftp_help: match
Oct 21 15:15:48 david kernel: nf_iterate: NF_DROP for c1095260.
Oct 21 15:15:51 david kernel: ip_conntrack_ftp_help: match
Oct 21 15:15:51 david kernel: nf_iterate: NF_DROP for c2af7600.
Oct 21 15:15:56 david kernel: ip_conntrack_ftp_help: match
Oct 21 15:15:56 david kernel: nf_iterate: NF_DROP for c20ea480.
Any suggestion how to solve this problem.
Any help is very much appreciated!
Kind regards
Andre