Ziga Milek wrote: > When i try to connect to it using flashfxp it says: > > [22:16:11] WinSock 2.0 -- OpenSSL 0.9.7g 11 Apr 2005 > [22:16:17] [R] Connecting to cauchy.homeip.net -> DNS=cauchy.homeip.net > IP=89.212.9.43 PORT=21 > [22:16:18] [R] Connection failed (Connection refused) > [22:16:18] [R] Delaying for 120 seconds before reconnect attempt #1 > > I don't think it's the dnat causing the problem because torrents and ed2k > and some other things work fine (on ports 50000-50004). And also if i use > utorrent port checker on port 21 > (http://www.utorrent.com/testport.php?port=21) it says that it's open and > accepting connections. It has to be something speceific to ftp. Here is the > complete output of iptables-save if it helps: > <snip> > -A net_dnat -p tcp -m tcp --dport 50000:50010 -j DNAT --to-destination > 192.168.0.3 > -A net_dnat -p udp -m udp --dport 50000:50010 -j DNAT --to-destination > 192.168.0.3 > -A net_dnat -p tcp -m tcp --dport 21 -j DNAT --to-destination 192.168.0.3
Where are you testing from? If your using a machine that is on your local lan, that will never work unless you state the "original destination" in your DNAT rule, like what was posted earlier for you and follow the rest of FAQ 2. >From here I get a connection: [EMAIL PROTECTED] jerry]#ftp cauchy.homeip.net Connected to cauchy.homeip.net (89.212.9.43). 220 Serv-U FTP Server v6.3 for WinSock ready... Name (cauchy.homeip.net:jerry): The other problem is that the ftp server is bannering the wrong ip address/name, that will break the netfilter helper modules if you do that. You should not set that to what your public ip address/dns name is. This issue is mentioned in the FTP page. Jerry ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
