more ftp questions

inet question inetquestion@hotmail.com
Mon, 25 Jun 2001 13:47:13 -0400 

This is a multi-part message in MIME format.

------=_NextPart_000_0016_01C0FD7D.56FFFC10
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

I was able to put rules in place to allow ftp traffic from the outside =
world to be sent
to an ftp server on my internal lan.  Now I need one or more rules which =
will:

1:  send ftp traffic from the internal lan to the same box the outside =
world goes to.
2:  have ftp traffic to localhost on the gateway server send to the ftp =
server on the internal lan.

My existing ruleset follows:

iptables -F -t nat

###Masq Internal LAN###
/sbin/./iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

###Ftp Traffic###
ftpserver=3D10.0.0.5
iptables -t nat -A PREROUTING -p tcp --dport 20 -i ppp0 -j DNAT --to =
$ftpserver:20
iptables -t nat -A PREROUTING -p tcp --dport 21 -i ppp0 -j DNAT --to =
$ftpserver:21

Thanks,

mailto:inetquestion@hotmail.com

------=_NextPart_000_0016_01C0FD7D.56FFFC10
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.3103.1000" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>I was able to put rules in place to =
allow ftp=20
traffic from the outside world to be sent</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>to an ftp server on my internal =
lan.&nbsp; Now I=20
need one or more rules which will:</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>1:&nbsp; send ftp traffic from the =
internal lan to=20
the same box the outside world goes to.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>2:&nbsp; have ftp traffic to localhost =
on the=20
gateway server send to the ftp server on the internal lan.</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>My existing ruleset =
follows:</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>iptables -F -t nat</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>###Masq Internal =
LAN###<BR>/sbin/./iptables -t nat=20
-A POSTROUTING -o ppp0 -j MASQUERADE<BR></FONT></DIV>
<DIV><FONT face=3DArial size=3D2>###Ftp =
Traffic###<BR>ftpserver=3D10.0.0.5<BR>iptables=20
-t nat -A PREROUTING -p tcp --dport 20 -i ppp0 -j DNAT --to=20
$ftpserver:20<BR>iptables -t nat -A PREROUTING -p tcp --dport 21 -i ppp0 =
-j DNAT=20
--to $ftpserver:21</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Thanks,</FONT></DIV>
<DIV>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2><A=20
href=3D"mailto:inetquestion@hotmail.com">mailto:inetquestion@hotmail.com<=
/A></FONT></DIV></BODY></HTML>

------=_NextPart_000_0016_01C0FD7D.56FFFC10--