В Вто, 11/11/2008 в 20:15 +0100, Pascal Hambourg пишет: > Pokotilenko Kostik a écrit : > > > > The server advertise the public address itself, it's proftpd with this > > option: > > <VirtualHost yyy.yyy.yyy.yyy> > > ... > > MasqueradeAddress xxx,xxx,xxx,xxx > > ... > > </VirtualHost> > > > > where yyy.yyy.yyy.yyy: privat IP. > > Couldn't this disrupt the FTP connection tracking which expects to see > the private address ? This option should not be required, as ip_nat_ftp > is able to translate addresses in the control flow. You are extremely right :) That was the case, removing MasqueradeAddress made it work! I was unable to find the information on how does conntrack_ftp/nat_ftp work, otherwise I would found out the right way. Thanks alot, you saved my time. P.S. Sorry, previous post acidently went privat -- Покотиленко Костик <casper@xxxxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
