Problem With FTP and Maybe Port forwarding
 

Hello,

I am trying to set up an ftp server inside my network. Is this possible??? I am trying to forward port 2000 to my internal computer at ip 192.168.0.4 and I think that I am doing that right because I am not getting a log put in the drop log so I am assuming that it is getting through. But on the computer that has the ftp server there is nothing coming up in the log and the person trying to connect gets a timeout error. I type in the internal ip from a machine inside the network and this works fine. Just nothing outside can get in. Please help. I am using Mandrake 8.2 and the ftp server is on WinXP.

P.S is there and walkthrough/how-to for setting up an FTP server on the linux box...then I guess I cuold samba all the computers together and get the files anywhere on the network. This would work too but I don't know how to do it. Thanks in advance.

ComFox

From the HOW-TO:

http://www.netfilter.org/documentati...T-HOWTO-6.html

6.2 Destination NAT

This is done in the PREROUTING chain, just as the packet comes in; this means that anything else on the Linux box itself (routing, packet filtering) will see the packet going to its `real' destination. It also means that the `-i' (incoming interface) option can be used.

Destination NAT is specified using `-j DNAT', and the `--to-destination' option specifies an IP address, a range of IP addresses, and an optional port or range of ports (for UDP and TCP protocols only).

## Change destination addresses to 5.6.7.8
# iptables -t nat -A PREROUTING -i eth0 -j DNAT --to 5.6.7.8

## Change destination addresses to 5.6.7.8, 5.6.7.9 or 5.6.7.10.
# iptables -t nat -A PREROUTING -i eth0 -j DNAT --to 5.6.7.8-5.6.7.10

## Change destination addresses of web traffic to 5.6.7.8, port 8080.
# iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 \
-j DNAT --to 5.6.7.8:8080

Hope this is helpful,

-bbeers