ftp conntrack - nat problem
Dave Strydom
strydom.dave at gmail.com
Thu Nov 10 11:16:41 CET 2005
woohoo I found the problem.
in the proftpd.conf on the server behind the firewall you need to add
something like this to the proftpd.conf file:
---
MasqueradeAddress 209.212.xxx.xxx
PassivePorts 60000 65535
---
then in the iptables:
$IPTABLES -t nat -A PREROUTING -d 209.212.xxx.xxx -p tcp --dport
60000:65535 -j DNAT --to-dest 192.168.0.xxx
Now it's working perfectly.
Dave
More information about the netfilter
mailing list