Hi,
Thanks for the explanation, now I do understand a little more about the FTP protocol (I hope).
I have set the control connection back to port 21 (standard) on the FTP server and that works fine.
I asked a friend of mine to connect to my FTP server and that worked fine.
He could download and upload files without any problems.
However, I would very much like to change my control connection to a different port.
Somehow then the FTP server stops working correctly.
I haven't tried to tell my FTP server to listen on a range of ports because I could not find
out how so far. I will try to take a closer look at this.
I changed my firewall rules for the FTP protocol like this:
Code:
/sbin/modprobe ip_nat_ftp
/sbin/modprobe ip_conntrack_ftp
# ///// FTP ACCESS //////
$IPTABLES -t nat -A PREROUTING -i $INSIDE -d $INET_IP -p tcp --dport 21 -j DNAT --to $PRIVIP
$IPTABLES -A INPUT -i $OUTSIDE -p tcp --dport 21 -m limit --limit 15/minute -j LOG --log-prefix FTPflags:
$IPTABLES -A INPUT -i $OUTSIDE -s 0/0 -d $INET_IP -p tcp --dport 21 -j ACCEPT
$IPTABLES -A INPUT -i $INSIDE -s $INET_IP -d $PRIVIP -p tcp --dport 21 -j ACCEPT
$OUTSIDE = my NIC with ADSL connection (Internet)
$INSIDE = my other NIC for the LAN
$INET_IP = my IP address for Internet
$PRIVIP = my Redhat LAN address (192.168.10.2)
I don't understand why it works if I keep the control connection on port 21,
and as soon as I change this to another port and change my firewall rules also,
it doesn't work anymore.