Mailing List Archive

Re: FTP Problem.
http://netfilter.samba.org/unreliable-guides/NAT-HOWTO/NAT-HOWTO.linuxdoc-7.html

Try a "modprobe ip_nat_ftp" on the firewall and try the ftp again.

Tariq Rahman
Butler International, Inc.



From: "Andrew" <andrew_fof@yahoo.com>
Date: 07/24/2001 02:38 AM
Please respond to andrew_fof
To: netfilter@lists.samba.org
cc: (bcc: Tariq Rahman/BUTLER)
Subject: FTP Problem.

Here's a capture of my problem:

257 "/" is current directory.
TYPE A
200 Type set to A.
PORT 10,0,0,2,17,9
200 PORT command successful.
LIST -al
425 Can't build data connection: No route to host.

That's what I get when I try to FTP to one site which is on port 8080. You
can only properly login to it without passive mode on. I know this cuz I am
able to login to it without any problems from my linux server (mandrake 8.0,
kernel 2.4.6, using iptables...not ipchains) but I just cannot login and do
a dir listing from my win box.

Problem is trying to FTP to the site from my win98...which gets my internet
connection from my cable modem configured onto eth0 on the linux server...I
also have eth1 configured with 10.0.0.10/255.255.255.0 as the address...and
my win98 has the address 10.0.0.2/255.255.255.0

Some more info on my linux config:

# lsmod

Module                  Size  Used by
ip_conntrack_ftp        3920   0 (unused)
ipt_MASQUERADE          1712   1 (autoclean)
iptable_nat            17552   0 (autoclean) [ipt_MASQUERADE]
ip_conntrack           17312   2 (autoclean) [ip_conntrack_ftp ipt_MASQUERADE iptable_nat]
ip_tables              12160   4 [ipt_MASQUERADE iptable_nat]
nls_iso8859-1           2864   2 (autoclean)

This is a part of what I have in my /etc/rc.d/rc.local in order to get my
win98 connected:

echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -j MASQUERADE

My win98 is configured with 10.0.0.10 as the gateway (my linux server, eth1)
and I'm using samba for file access to the server and vice versa.

Oh, I might as well show you what happens when trying to login with passive
mode on (from my winbox):

PWD
257 "/" is current directory.
TYPE A
200 Type set to A.
PASV
227 Entering Passive Mode (192,168,200,190,154,28) <--- why 192.x.x.x when
I'm on 10.x.x.x?
List Timed Out
(debug) FDFTP1 Abort Triggered
ABOR
225 ABOR command successful.


WHAT ELSE CAN I TRY? No one seems to know why this happens or how to fix it!


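
Added example, not part of either message: a small decoder for the address/port tuples in the PORT command and the 227 reply from the capture above. It shows that both advertise RFC 1918 addresses the other side cannot reach, and what a PORT line looks like once a NAT FTP helper such as ip_nat_ftp has substituted the outside endpoint. The public address and all function names are assumptions made for illustration.

```python
import ipaddress
import re

# RFC 959 encodes a data endpoint as six decimal bytes: h1,h2,h3,h4,p1,p2.
TUPLE = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def decode_endpoint(line):
    """Return (ip, port) carried by a PORT command or 227 reply, else None."""
    if not line.startswith(("PORT ", "227 ")):
        return None
    m = TUPLE.search(line)
    if m is None:
        return None
    b = [int(x) for x in m.groups()]
    if max(b) > 255:
        return None
    return ".".join(map(str, b[:4])), b[4] * 256 + b[5]

def is_rfc1918(ip):
    """True if ip is a private address that is not routable on the Internet."""
    return any(ipaddress.ip_address(ip) in net for net in RFC1918)

def rewrite_port(public_ip, public_port):
    """PORT line as a NAT FTP helper would re-emit it with the outside endpoint."""
    return "PORT {},{},{}".format(public_ip.replace(".", ","),
                                  public_port // 256, public_port % 256)

def diagnose(capture):
    """List (line, ip, port, private?) for every endpoint in a control capture."""
    out = []
    for line in capture:
        ep = decode_endpoint(line.strip())
        if ep:
            out.append((line.strip(), ep[0], ep[1], is_rfc1918(ep[0])))
    return out

# Control-channel lines copied from the capture in the post.
CAPTURE = ["TYPE A", "PORT 10,0,0,2,17,9", "200 PORT command successful.",
           "227 Entering Passive Mode (192,168,200,190,154,28)"]
PUBLIC_IP = "203.0.113.5"  # constructed placeholder for the firewall's eth0 address

if __name__ == "__main__":
    for line, ip, port, private in diagnose(CAPTURE):
        print(f"{line!r} -> {ip}:{port} private={private}")
    print("after helper:", rewrite_port(PUBLIC_IP, 4361))
```

Because the site in the post listens on port 8080, the FTP helper modules also have to be told about that port through their `ports=` module parameter; by default they watch only port 21.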