LinuxQuestions.org


j.smith1981 07-19-2011 06:35 AM

Stuck with Masquerading with ProFTPD Version 1.3.3e
 
I am literally quite stuck with ProFTPD, the version being: ProFTPD Version 1.3.3e

I have the following config:

Quote:

ServerName "FTP Server"
ServerType standalone
DefaultServer on

Port 21

UseIPv6 off

Umask 022

MaxInstances 10

User ftp
Group ftp


#DefaultRoot ~

AllowOverwrite on

<Limit SITE_CHMOD>
DenyAll
</Limit>


<Global>
RootLogin off
RequireValidShell off
</Global>

<VirtualHost ftp.myolddomain.co.uk>

ServerName "ftp.myolddomain.co.uk"
DefaultChdir /www/myolddomain.co.uk
DefaultRoot /www/myolddomain.co.uk
ShowSymlinks off

<Anonymous /ftp/myolddomain.co.uk/anonymous>
User jeremy
UserAlias anonymous jeremy
Group myolddomain
</Anonymous>

MasqueradeAddress ftp.myolddomain.co.uk

# these 2 settings are turned off for debugging purposes!
# MaxClients 5
# MaxClientsPerHost 2
</VirtualHost>

<VirtualHost ftp.mynewdomain.me.uk>

ServerName "ftp.mynewdomain.me.uk"
DefaultChdir /www/mynewdomain.me.uk
DefaultRoot /www/mynewdomain.me.uk
ShowSymlinks off

<Anonymous /ftp/mynewdomain.me.uk/anonymous>
User jeremy
UserAlias anonymous jeremy
Group mynewdomain
</Anonymous>

MasqueradeAddress ftp.mynewdomain.me.uk

# these 2 settings are turned off for debugging purposes!
# MaxClients 5
# MaxClientsPerHost 2
</VirtualHost>

My setup for the above would be:

ftp.myolddomain.me.uk which resolves to 192.168.0.10
ftp.mynewdomain.me.uk which resolves to 192.168.0.11

I only have 1 public facing IP address from my ISP but I would like to be able to view the 2 anonymous directories.

ftp.myolddomain.me.uk would show the contents of: /ftp/myolddomain.me.uk/anonymous
ftp.mynewdomain.me.uk would show the contents of: /ftp/mynewdomain.me.uk/anonymous

How would I allow this from a NAT firewall's perspective please?

I mean I have opened the port 20 (data port) and the 21 (command port) for FTP, would I then just limit the passive ports in the ProFTPD config, then changing them for each host, and then open them using my NAT firewall?

I mean I require (sorry to be a pain) clear steps on understanding how to get this working, it's far better I am given precise steps then I can learn what's going on you know?

I mean would I need to logically separate out a series of passive ports and then open them using my custom router's NAT, so each passive port goes to its own virtual host as such? Just a bit confused about what the next steps would entail.

I mean I don't have any firewall on my Linux box, don't see the point since I use pfSense and an IPS/IDS and it's never been hacked since!

Your help is much appreciated,
Jeremy.

j.smith1981 07-19-2011 11:06 AM

OK, as an update (for myself mainly): I have changed the MasqueradeAddress to my public IP address, but now with the passive ports as, say, with the first domain name:

PassivePorts 11000 22000

and the 2nd being:

PassivePorts 33000 44000

I thought initially they would be a wide enough range, opened (just for debugging purposes) ports 20 and 21 and the passive ranges above so from 11000-22000 and 33000 - 44000 respectively.

But no prompt is coming up now.

Does anyone have an idea of what I am possibly doing wrong with this?

Searched for many tutorials on the web but just cannot seem to get this working.

Any help's much appreciated as usual,
Jeremy.

