[TriLUG] iptables & DNAT for FTP access question
Carlos J. Cela
ccela at nc.rr.com
Sun Aug 3 09:43:39 EDT 2003
Hi,
I have a network configuration with two segments, one connected using
ethernet and the other using fibre-channel. Only one machine is
connected to both network segments, a RedHat 8 box with a 2.4.20 kernel.
ifconfig lists the FC adapter as just another NIC.
What I am trying to do is to access an FTP server located in a machine
in the fibre-channel segment from my desktop (WinXP), which is
connected in the ethernet LAN segment.
I have created an alias of the ethernet card of the Linux box, and my
intention was for that alias to redirect all incoming requests to the
FTP server on the other segment, by:

# Set up an alias for the ethernet card
ifconfig eth0:0 192.168.200.247 up
# Enable IP forwarding
echo "1" > /proc/sys/net/ipv4/ip_forward
# Translate the address of the alias (247) to the FC card, so I can FTP from my remote PC
iptables -t nat -A PREROUTING -p tcp -d 192.168.200.247 --dport 21 -j DNAT --to 192.168.201.11

Where 192.168.201.11 is the actual IP of the FTP server, and
192.168.200.247 is the IP to access it from the ethernet side. For some
reason this is only partially working - I get an 'ftp unknown error' when
trying to connect. I know that the packets are being redirected because
if not it would connect to the local FTP server on the Linux box... I am
new to iptables. Is this the right way to go here? What am I missing? Help?
Thanks-
Carlos
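
Added example, not part of the original post: FTP announces its data-connection address inside the control channel (the RFC 959 PORT command and 227 PASV reply), and a DNAT rule on port 21 alone does not translate that payload. The sketch below uses the post's two addresses to show the rewrite a NAT FTP helper has to apply to a 227 reply; the sample reply, its port and the function names are constructed for illustration.

```python
import re

# Addresses from the post; the sample reply and its port (5001) are constructed.
INTERNAL_IP = "192.168.201.11"   # real FTP server on the fibre-channel segment
EXTERNAL_IP = "192.168.200.247"  # eth0:0 alias the client connects to

# "227 <text> (h1,h2,h3,h4,p1,p2)" as defined by RFC 959
_PASV_RE = re.compile(r"^227 [^(]*\(((?:\d{1,3},){5}\d{1,3})\)")


def parse_pasv(reply):
    """Return (ip, port) embedded in a 227 reply, or None if it is not one."""
    m = _PASV_RE.match(reply)
    if not m:
        return None
    nums = [int(n) for n in m.group(1).split(",")]
    if any(n > 255 for n in nums):
        return None  # malformed octet, ignore rather than guess
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


def rewrite_pasv(reply, internal_ip=INTERNAL_IP, external_ip=EXTERNAL_IP):
    """Swap the internal address in a 227 reply for the externally visible one.

    Anything that is not a 227 reply from internal_ip passes through unchanged.
    """
    parsed = parse_pasv(reply)
    if parsed is None or parsed[0] != internal_ip:
        return reply
    port = parsed[1]
    m = _PASV_RE.match(reply)
    fields = external_ip.split(".") + [str(port // 256), str(port % 256)]
    return reply[:m.start(1)] + ",".join(fields) + reply[m.end(1):]


if __name__ == "__main__":
    raw = "227 Entering Passive Mode (192,168,201,11,19,137)\r\n"  # constructed
    # Without payload rewriting the client is told to dial the internal address.
    print("client dials (no helper):  ", parse_pasv(raw))
    # With rewriting it dials the alias, which NAT can then map back.
    print("client dials (with helper):", parse_pasv(rewrite_pasv(raw)))
```

On 2.4 kernels this payload rewriting, together with tracking and translating the resulting data connection, is the job of the ip_conntrack_ftp and ip_nat_ftp modules.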