As a matter of fact i thought of the unusual port choice causing the problem and switched the ftp port back to 21 and added 'FTP/DNAT all loc:192.168.0.3' rule and the problem persists. Any other idea?
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jerry Vonau Sent: Thursday, September 06, 2007 12:31 PM To: Shorewall Users Subject: Re: [Shorewall-users] FTP not working behind Ubuntu+Shorewall Ziga Milek wrote: > I have a PC router that runs Ubuntu Server 7.04 (kernel version > 2.6.20-15-server) and Shorewall (latest version) as a firewall. On one of > computers connected to it I run a FTP server. the problem is i cannot > connect to it from outside. The ftp server is set up using serv-u. the port > used for ftp is 50005 and the ip of that computer is 192.168.0.3. i can > however connect to it from another computer on LAN. here are my rules: > > #ACTION SOURCE DEST PROTO DEST SOURCE > ORIGINAL RATE USER/ > # PORT(S) PORT(S) > DEST LIMIT GROUP > #SECTION ESTABLISHED > #SECTION RELATED > SECTION NEW > SSH/ACCEPT all $FW > Webmin/ACCEPT all $FW > DNS/ACCEPT loc fw > Ping/ACCEPT loc all > Ping/REJECT:info all $FW > Ping/ACCEPT $FW all > DNAT net loc:192.168.0.3 tcp 50000:50005 > DNAT net loc:192.168.0.3 udp 50000:50005 > NTP/ACCEPT all all > > ports 50000-50004 are used for torrents, ed2k and a couple of other things, > which work fine. what am i missing here? modules nf_nat_ftp and > nf_conntrack_ftp are loaded. I've been dealing with this for a couple of > months now and i don't know what else to try. Please help me! > > Ziga > Have a look the non-standard ports section of http://www.shorewall.net/FTP.html Jerry ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
