ftp conntrack - nat problem

Dave Strydom strydom.dave at gmail.com
Wed Nov 9 16:56:23 CET 2005


So if it isnt the firewall, then what on earth could it be?

Because from the tethereal output, you can see that FTP-DATA isnt
being sent, any idea of what could cause this?

If i remove the nat, and ftp things direct the firewall it works fine,
it's only if I nat stuff to a ftp behind the firewall.


----------------------------------
On 11/9/05, /dev/rob0 <rob0 at gmx.co.uk> wrote:
> On Wednesday 2005-November-09 09:40, Dave Strydom wrote:
> > Ok, so this is what it has all been reduced to, and I'm still
> > getting the same problem:
>
> What more can I say?
>
> > Calypso ~ # iptables-save
>
> This is like not having a firewall at all. The only functional part is
> the NAT, DNAT FTP inbound, MASQUERADE LAN clients outbound.
>
> Not having a firewall is not necessarily a disaster, BTW. A properly
> configured system should still be safe without it.
> --
>     mail to this address is discarded unless "/dev/rob0"
>     or "not-spam" is in Subject: header
>
>



More information about the netfilter mailing list