For some time I've had my Debian box running nicely as a gateway server, but just recently I've added another machine to my network and I'm having some issues.
I do a lot of file-sharing via FTP and have one main box to do this (WinXP). Of the sites I connect to, some don't support PASV and some perform ident checks. To combat this I wrote my firewall as below.
# Clearing tables..
$iptables -t nat -F
# Loading modules..
# Allowing designated ports..
$iptables -A INPUT -i ppp0 -p tcp --dport 22 -j ACCEPT
$iptables -A INPUT -i ppp0 -p tcp --dport 80 -j ACCEPT
$iptables -A INPUT -i ppp0 -p tcp --dport 113 -j ACCEPT
# Allowing new/already non-ppp0 connections..
$iptables -A INPUT -m state --state NEW ! -i ppp0 -j ACCEPT
$iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Blocking everything..
$iptables -A INPUT -i ppp0 -p all -j DROP
# IP forwarding/masq rules..
echo "1" > /proc/sys/net/ipv4/ip_forward
$iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
# Port forwarding..
$iptables -t nat -A PREROUTING -p tcp --dport 113 -j DNAT --to 192.168.0.5:113
As you can see, the last line will forward ident reqs to my main box, but this is a problem when I'm using .5; the same thing happens with IRC, obviously.
As far as PASV goes, I've modified the firewall to allow access on certain ports which are then forwarded to me @ .1, and hence do not work @ .5.
My mate told me to load the modules which I have above, but they aren't working as I'd like.
Does anyone know of a way around this? Any help would honestly be much appreciated.