> > I would like to forward ftp request to other server's other port to
improve
> > the security. Is it possible?
Yes!
> > for example,
> > I would like to forward ftp request using port 26 to 211.1.1.1 port 100
or
> > same port(26).
> > So, I configured like this(xinetd.conf) .But this is not work
> > service ftp-proxy
> > {
> > flags = REUSE
> > socket_type = stream
> > protocol = tcp
> > wait = no
> > user = root
> > groups = yes
> > server = /usr/sbin/tcpd
> > redirect = 211.1.1.1 26
> > }
> > Surely, any service which use just one port works well,
> > but FTP use two port as you know.
If you're using a kernel inside or after 2.4.x you can use iptables with a
form of SNAT to forward traffic to your destination. 2.2.x and 2.0.x you
will need to find a tcp port forwarder. These can be found with a simple
google search for tcp forwarding daemons.
The syntax for iptables... is as follows..
iptables -t nat -A PREROUTING -p <protocol> -d <local ip> --dport 26 -j
DNAT --to-target 211.1.1.1:26
Notice the protocol isn't filled in, and you'll have to specify the ip
address of the machine you're using this on. Enjoy! :)
