Is ip_conntrack_ftp needed for 1:1 nat?
pascal.mail at plouf.fr.eu.org
Wed Jun 7 21:10:17 CEST 2006
Robert LeBlanc a écrit :
> the FTP protocol contains the source IP and port,
The _destination_ address and port.
> which wouldn't
> make sense since it is a private address. At least that is what I
> understand of the FTP protocol.
> Are there any other protocols that have issues like this that I'm not
> aware of?
You can have an idea by looking at the available conntrack/NAT helper
modules (ip_conntrack_* and ip_nat_*) for the Linux kernel : IRC DCC
(file transfer and peer to peer communication with an IRC client), TFTP,
PPTP, some communication/multimedia/peer to peer protocols such as
H.323/Netmeeting, RTSP, SIP, MSN Messenger, DirectX, MMS (Microsoft
Streaming Media), Talk...
More information about the netfilter