Wed, 11 Jul 2001 22:45:44 +0100 (WEST)
Hi, I was wondering if someone can give me some help
with a problem I'm having with iptables. I want to allow
people to connect to an internal ftp server.
But somehow it doesn't work.
These are the rules I'm using for doing the job:
$IPTABLES -A tcp_allowed -p TCP -i $EXTERNAL_ETH0 --dport 21 -j ACCEPT
$IPTABLES -A tcp_allowed -p TCP -i $EXTERNAL_ETH0 --dport 20 -j ACCEPT
$IPTABLES -t nat -A PREROUTING -p tcp -d $EXTERNAL_IP --dport 21 -j DNAT
$IPTABLES -t nat -A POSTROUTING -o $EXTERNAL_ETH0 -s $INTERNAL_FTP -j SNAT
The clients can't even connect.
I do an ftp from an external machine with no NAT (i.e., a public IP),
and nothing happens.