LinuxQuestions.org
02-28-2004, 10:18 PM   #1
wilco
Forwarded ftp immediately drops connection


Hi, I have a really strange problem. I am trying to forward HTTP and FTP traffic from my firewall with a public IP to an internal server with a private IP. The HTTP forwarding works without a problem, but when I use the exact same rule to forward the FTP port, the connection starts up but immediately drops. The logging for my FTP forward reveals this:

Client->FTP Server: SYN
FTP Server->Client: ACK SYN
Client->FTP Server: ACK
FTP Server->Client: ACK PSH
FTP Server->Client: ACK PSH
FTP Server->Client: ACK PSH
FTP Server->Client: ACK PSH
Client->FTP Server: RST

I have the following modules loaded in the kernel (2.4.24 from Debian 3.0):
ipt_LOG 3448 2 (autoclean)
ipt_state 568 0 (autoclean)
ipt_MASQUERADE 1560 0 (autoclean)
iptable_filter 1740 1 (autoclean)
ip_nat_ftp 2928 0 (unused)
iptable_nat 17134 2 [ipt_MASQUERADE ip_nat_ftp]
ip_tables 12544 7 [ipt_LOG ipt_state ipt_MASQUERADE iptable_filter iptable_nat]
ip_conntrack_ftp 4176 1
ip_conntrack 20100 3 [ipt_state ipt_MASQUERADE ip_nat_ftp iptable_nat ip_conntrack_ftp]

My firewall config is:
---8<-----
#!/bin/sh

EXTIF=eth0
INTIF=eth1
EXTIP=1.2.3.4
INTIP=192.168.150.3
LOCALNET=192.168.150.0
FTPSVR=192.168.150.10
HTTPSVR=192.168.150.10

# Load modules
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp

# Set default policies and flush tables
iptables -P FORWARD ACCEPT
iptables -F FORWARD
iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -t nat -F

# Masquerade
iptables -t nat -A POSTROUTING -o $EXTIF -s $LOCALNET/24 -j SNAT \
--to $EXTIP

# Forward ftp traffic to internal server
iptables -A FORWARD -d $FTPSVR -j LOG --log-prefix "--TO FTP: "
iptables -A FORWARD -s $FTPSVR -j LOG --log-prefix "--FROM FTP: "
iptables -t nat -A PREROUTING -i $EXTIF -p tcp --dport 21 \
-j DNAT --to $FTPSVR

# Forward http traffic to internal server
iptables -t nat -A PREROUTING -i $EXTIF -p tcp --dport 80 \
-j DNAT --to $HTTPSVR
---8<-----

I have been struggling with this for 2 days now and everything I have tried gives the same result: HTTP works, FTP doesn't. Any help on this would be greatly appreciated.
Thanks in advance

Gustav Petersson
 
  

