Ping a Specific Port

Question

hellb0y77

Asked: 2015-01-16 00:46:20 +0800 CST2015-01-16 00:46:20 +0800 CST 2015-01-16 00:46:20 +0800 CST

iptables: DNAT configuration FTP service

772

Hi have a FTP server behind a firewall and have problemi with DNAT configuration, internal server have ip 192.168.4.110:

iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 20 -j DNAT --to-destination 192.168.4.110:20
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 21 -j DNAT --to-destination 192.168.4.110:21
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 1024:1048 -j DNAT --to-destination 192.168.4.110:1024-1048

And i have nf_nat_ftp and nf_conntrack_ftp modules loaded but not work, from FTP client i have a timeout

1 Answers

Voted

danw · Answer 1 · 2015-01-19T15:45:39+08:00

danw

2015-01-19T15:45:39+08:002015-01-19T15:45:39+08:00

You quote the port range "1024-1048" in your existing config. Are you implying that you've restricted your FTP server to only use these ports for data connections ? If so, what you've done should work.

Check your machine is set to route packets by doing:

cat /proc/sys/net/ipv4/ip_forward

You should get a "1" back if forwarding is enabled, which will be required for what you're trying to achieve.

0

iptables: DNAT configuration FTP service

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?