Here is my big problem!

My system is:
Slackware 8.1 (router/firewall)
Running Arno's IPTABLES Firewall Script!


I wan't to run an FTP server (Proftpd standalone) on my Linux server on port 1111.
And I allso want to run a FTP server (G6 FTP server) on my windows XP box on port 1112 that is connect to my linux box on port 192.168.0.2.

What port should I forward to 192.168.0.2 to get i work on port 1112?
And what port should I open to my linux box to get port 1111 work?

Every thing is working on my internal net. I can connect to both ftp clients. No problems. But I can connect to none of the ftp servers from Internet. I can connect to the ftps but I can't list them. So I think there must be some problem with the ports. Is there any more port I must open to get it work.

Noteable is that if I configureat any of the ftp clients on port 21 than it works like a charm to connect from internet. Why I don't know!!!!

I have tested to connect to the ftp servers both in passive and in active mode!

PLEASE HELP ME!!!

Well, I do not know Slack so maybe my suggestions turn out to be missed, but I see nobody wants to answer, so ...

You should have already got one of the line in the iptables chains:
iptables -t nat -A POSTROUTING -o $ext_eth -j SNAT --to-source=$linux_box_ext_ip
or
iptables -t nat -A POSTROUTING -o $ext_eth -j MASQUERADE
I believe you have also got the line:
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

To allow linux box ftp be seen on port 1111 as $linux_box_ext_ip:1111from the world add:
iptables -A INPUT -d $linux_box_ext_ip -m state --state NEW -i $ext_eth -p tcp --dport 1111 -j ACCEPT
iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

To allow internal ftp working on 192.168.0.2:1112 to be seen from the world as $linux_box_ext_ip:1112 try:
iptables -t nat -A PREROUTING -i $ext_eth -p tcp --dport 1112 -j DNAT -to-destination=192.168.0.2
iptables -A FORWARD -m state --state NEW -i $ext_eth -p tcp --dport 1112 -j ACCEPT