ftp server and iptables

ftp server and iptables

Post by Inma Villapla » Wed, 13 Mar 2002 21:26:20

The goal is to configure port forwarding in the firewall to offer a
ftp service to Internet.

The Linux firewall is Redhat 7.2 with 2.4.9-21 kernel and

The ftp server is a Windows 2k from the internal MASQed network.

Port forwarding only works for passive connections to the ftp server,
configuring the following:

$IPTABLES -A FORWARD -i $EXTIF -o $INTIF -p tcp --dport 21 -m state \

$IPTABLES -A PREROUTING -t nat -p tcp -d $EXTIP --dport 21 \
-j DNAT --to $PORTFWIP:21

The ip_nat_ftp and ip_conntrack_ftp modules are loaded.

How to configure firewall to allow active ftp connections from
Internet to the MASQed ftp server?



1. ftp server iptables rules for passive ftp

Hello assembled c.o.l.n folk.

I'd like to allow passive ftp access to my ftp server. my ruleset is DENY
policy, and Im curious to know what you would recommend. I thought
conntrack would solve my problem, but my research into it has led me to
believe that particular module works best on the FORWARD chain of an
intermediate firewall.

Thanks in advance,

2. How to

3. FTP Server behind IPTables...

4. DHCP or DNS on a small home network setup?

5. Problem setting up ftp server inside lan (iptables)

6. Error (13) Permission denied

7. iptables/prerouting/internal ftp server

8. snoop + ssh ?

9. iptables w/ ip_conntrack_ftp & ftp server not listening on port 21

10. FTP server behind an iptables firewall.

11. how to change port of ftp server behind iptables

12. Active FTP under iptables to ftp.netscape.com

13. Matrox Mystique ands X.