Hello. I'm experiencing problems when connecting from the internet to a FTP server running proFTPd which is behind a NAT.
This server is in a DMZ. The iptables firewall works properly. I have no problems using it from the local network with both modes passive and active when I don't specify the MasqueradeAddress directive.
If I specify the MasqueradeAddress directive, then I cannot use passive mode from inside the local network (due to the destination address used, which is private)
227 Entering Passive Mode (a,b,c,d,242,212)
wher a.b.c.d is my static public IP address, the MasqueradeAddress.
But, from outside it occurs the same! I do not underestand why. The passive ports range is covering all possibilities: 1024 to 65535.
I'd like to be able to use both modes from any location.
Is it possible with proFTPD? I found a pseudo-solution which used a virtual server with no MasqueradeAddress directive, but this doesn't work, gives login errors.
Other things I don't underestand are the fact that the command SITE_UTIME is not recognized even if is explicitly allowed in proftpd.conf and how can I get rid of the keepalives, I mean, control the disconnection timeout when there is no activity.
I use inetd, cause I cannot switch to standalone. When I switch to standalone and restart the server, it becomes unreachable.