Hi all,
I just configured my iptables to share my ADSL connection on the LAN. But there seem to be problems with connecting to FTP through NAT. It seems that I definitely need to enable PASV (passive) mode to make the FTP connection work.
When using win2k’s IE5 to connect to FTP, it won’t work because there is no PASV mode for it. I get an "Invalid port command" error. But somehow, my own PC can FTP with IE. Very strange!!!
Ok, here is my list of IPTABLES -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 202.x.x.x anywhere
ACCEPT tcp -- 210.x.x.x anywhere tcp dpt:ssh
ACCEPT tcp -- 192.168.10.0/24 anywhere tcp dpt:squid
ACCEPT tcp -- 192.168.10.0/24 anywhere tcp dpt:8888
block all -- anywhere anywhere
DROP all -- !192.168.10.0/24 anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 192.168.10.50 anywhere
ACCEPT all -- 192.168.10.0/28 anywhere
DROP all -- 192.168.10.0/24 anywhere
block all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain block (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state NEW
DROP all -- anywhere anywhere

The one with 210.x.x.x is the IP for the ADSL connection, and the other, 202.x.x.x, is allowing that server to connect to this server.
My own PC has the IP 192.168.10.11.
Please help! Thanks in advance.