Masquerading doesn't work for FTP PORT command

From: Damir Cosic (damir@fatpipeinc.com)
Date: Fri Feb 18 2000 - 17:15:48 EST

Next message: Bob Doyle: "Re: Port of 3c575_cb to 2.3.43pre8"

Previous message: Horst von Brand: "Re: URL to the latest /proc/driver/microcode"
Next in thread: Miquel van Smoorenburg: "Re: Masquerading doesn't work for FTP PORT command"
Reply: Miquel van Smoorenburg: "Re: Masquerading doesn't work for FTP PORT command"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I have 2.2.14 kernel and ipchains 1.3.8. I set masquerading for one
host on 198.61.23.0 network:

[root@snowbird linux]# ipchains -L
Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
target prot opt source destination
ports
MASQ all ------ 198.61.23.1 anywhere n/a
Chain output (policy ACCEPT):

Everything (that is web browsing) works fine except FTP PORT command. I
watched the traffic with tcpdump and it shows that it handles that
packet the same way it handles regular TCP packet, that is, changes its
source ip and port number, but leaves TCP data part the same. In other
words, ip address and port number inside PORT command are not
masqueraded.

Is it possible to have masquerading compiled into kernel but without FTP
masquerading?

Any suggestions?

Thanks.

Damir

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Bob Doyle: "Re: Port of 3c575_cb to 2.3.43pre8"
Previous message: Horst von Brand: "Re: URL to the latest /proc/driver/microcode"
Next in thread: Miquel van Smoorenburg: "Re: Masquerading doesn't work for FTP PORT command"
Reply: Miquel van Smoorenburg: "Re: Masquerading doesn't work for FTP PORT command"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sat Feb 19 2000 - 00:50:09 EST