08-29-2002
Ftp'ing thru an Iptables NAT Masquerade
Greetings to all.
My new firewall is giving me one hell of a problem.
I'm running iptables and masquerading my intranet
thru NAT. But here is the problem. Whenever I try
to FTP to a server outside of my lan I get a 500
illegal port error.
I've come to the conclusion that NAT is using a port
too high for most servers out there. Does anyone
know where I can set a better range to work with?
Any recommendations on what range would be better?
I've only got a handful of machines behind it but they
are a web server and an SQL server so they might be
a little busy but not a huge drain on ports.
Thank You in Advance.
netstat-nat(1) General Commands Manual netstat-nat(1)
NAME
netstat-nat - Show the natted connections on a linux iptable firewall
SYNOPSIS
netstat-nat [options]
DESCRIPTION
netstat-nat displays NAT connections managed by netfilter/iptables, which comes with Linux kernels > 2.4.x.
The program reads its information from '/proc/net/ip_conntrack' or '/proc/net/nf_conntrack', which is the temporary conntrack storage of netfilter.
OPTIONS
-h      displays help
-n      don't resolve IPs/portnumbers to host/portnames
-p <protocol>
        display NAT connections with protocol selection (see /etc/protocols)
-s <source host>
        display connections by source IP/hostname
-d <destination host>
        display connections by destination IP/hostname
-S      display SNAT connections
-D      display DNAT connections
-L      display only connections to NAT box self (doesn't show SNAT & DNAT)
-R      display only connections routed through the NAT box (doesn't show SNAT & DNAT)
-x      extended view of hostnames
-r <src|dst|src-port|dst-port|state>
        sort connections
-o      no output header
-N      display NAT box connection information (only valid with SNAT & DNAT)
-v      prints version
FILES
/proc/net/ip_conntrack or /proc/net/nf_conntrack
SEE ALSO
http://www.tweegy.nl/projects/netstat-nat/
http://www.netfilter.org/
AUTHOR
netstat-nat has been written by D.Wijsman danny@tweegy.nl
The manual page has been written by marceln@xs4all.nl
July 2002 netstat-nat(1)
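
The conntrack table that netstat-nat reads can also be inspected directly. The following is an added example, not part of the original thread or of netstat-nat's source: it parses entries in the /proc/net/nf_conntrack layout and flags SNAT/DNAT by comparing the original and reply tuples. The sample lines, addresses and function names are constructed for illustration.

```python
import re

# Constructed sample in /proc/net/nf_conntrack layout (not captured from a real host).
# Assumed addresses: 192.168.1.0/24 is the LAN, 203.0.113.5 the NAT box's public IP.
SAMPLE = """\
ipv4     2 tcp      6 431990 ESTABLISHED src=192.168.1.20 dst=198.51.100.7 sport=40112 dport=21 src=198.51.100.7 dst=203.0.113.5 sport=21 dport=40112 [ASSURED] mark=0 use=1
ipv4     2 tcp      6 86 TIME_WAIT src=198.51.100.9 dst=203.0.113.5 sport=51000 dport=80 src=192.168.1.10 dst=198.51.100.9 sport=80 dport=51000 [ASSURED] mark=0 use=1
ipv4     2 udp      17 25 src=203.0.113.5 dst=198.51.100.53 sport=33000 dport=53 src=198.51.100.53 dst=203.0.113.5 sport=53 dport=33000 mark=0 use=1
"""

# One address tuple; ports are optional because ICMP entries carry type/code/id instead.
TUPLE_RE = re.compile(r"src=(\S+) dst=(\S+)(?: sport=(\d+) dport=(\d+))?")

def parse_line(line):
    """Parse one conntrack entry; return None unless it has original and reply tuples."""
    fields = line.split()
    tuples = TUPLE_RE.findall(line)
    if len(fields) < 6 or len(tuples) < 2:
        return None
    # nf_conntrack prefixes each line with "ipv4 2"/"ipv6 10"; ip_conntrack does not.
    base = 2 if fields[0] in ("ipv4", "ipv6") else 0
    state = fields[base + 3] if "=" not in fields[base + 3] else ""
    (o_src, o_dst, o_sp, o_dp), (r_src, r_dst, r_sp, r_dp) = tuples[0], tuples[1]
    return {"proto": fields[base], "state": state,
            "orig_src": (o_src, o_sp), "orig_dst": (o_dst, o_dp),
            "reply_src": (r_src, r_sp), "reply_dst": (r_dst, r_dp)}

def classify(entry):
    """Without NAT the reply tuple is the exact mirror of the original tuple."""
    kinds = []
    if entry["reply_dst"] != entry["orig_src"]:
        kinds.append("SNAT")   # source was rewritten (MASQUERADE is a form of SNAT)
    if entry["reply_src"] != entry["orig_dst"]:
        kinds.append("DNAT")   # destination was rewritten (port forward)
    return kinds

def nat_connections(text):
    """Return only the entries that are translated, each with a 'kinds' list."""
    found = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry and classify(entry):
            found.append(dict(entry, kinds=classify(entry)))
    return found

if __name__ == "__main__":
    for c in nat_connections(SAMPLE):
        print(c["proto"], c["state"], c["orig_src"], "->", c["orig_dst"],
              "reply to", c["reply_dst"], "/".join(c["kinds"]))
```

On a live NAT box the same functions can be fed the contents of /proc/net/nf_conntrack (root is normally required to read it).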