ftp conntrack - nat problem
Dave Strydom
strydom.dave at gmail.com
Wed Nov 9 16:40:24 CET 2005
Ok, so this is what it has all been reduced to, and I'm still getting
the same problem:
===============
Calypso ~ # iptables-save
# Generated by iptables-save v1.3.2 on Wed Nov 9 17:39:58 2005
*filter
:INPUT ACCEPT [56:29177]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [342:312699]
-A INPUT -s 127.0.0.1 -j ACCEPT
-A INPUT -s 192.168.0.0/255.255.255.0 -j ACCEPT
-A FORWARD -d 192.168.0.0/255.255.255.0 -m state --state
NEW,RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.0.0/255.255.255.0 -j ACCEPT
COMMIT
# Completed on Wed Nov 9 17:39:58 2005
# Generated by iptables-save v1.3.2 on Wed Nov 9 17:39:58 2005
*mangle
:PREROUTING ACCEPT [423:64196]
:INPUT ACCEPT [284:54362]
:FORWARD ACCEPT [20:3170]
:OUTPUT ACCEPT [391:326702]
:POSTROUTING ACCEPT [411:329872]
COMMIT
# Completed on Wed Nov 9 17:39:58 2005
# Generated by iptables-save v1.3.2 on Wed Nov 9 17:39:58 2005
*nat
:PREROUTING ACCEPT [136:9143]
:POSTROUTING ACCEPT [17:1649]
:OUTPUT ACCEPT [22:1499]
-A PREROUTING -d 209.212.112.162 -p tcp -m tcp --dport 21 -j DNAT
--to-destination 192.168.0.220:21
-A POSTROUTING -s 192.168.0.0/255.255.255.0 -j MASQUERADE
COMMIT
# Completed on Wed Nov 9 17:39:58 2005
Calypso ~ #
===============
Eish :(
More information about the netfilter
mailing list