From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on sa.int.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-0.9 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.2.3 Date: Fri, 16 May 2008 21:48:12 +0400 From: Grigory Fateyev To: sysadmins@lists.altlinux.org Message-ID: <20080516214812.1575854d@greg.dobroe.net> In-Reply-To: <200805162332.54971.ripper.mail@gmail.com> References: <20080516191510.34081638@greg.dobroe.net> <200805162207.28457.ripper.mail@gmail.com> <20080516212259.5323e54b@greg.dobroe.net> <200805162332.54971.ripper.mail@gmail.com> Organization: Anastasia.ru X-Mailer: Claws Mail 2.10.0cvs81 (GTK+ 2.10.6; i586-alt-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit Subject: Re: [Sysadmins] iptables rules DNAT ftp passive X-BeenThere: sysadmins@lists.altlinux.org X-Mailman-Version: 2.1.10b3 Precedence: list Reply-To: ALT Linux sysadmin discuss List-Id: ALT Linux sysadmin discuss List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 May 2008 17:48:14 -0000 Archived-At: List-Archive: Hello Starodumoff Ilya! On Fri, 16 May 2008 23:32:54 +0600 you wrote: [...] > > Спасибо, но что-то не получается... > > > покажите конфиг фтп сервера в контейнере и # egrep -v '^(#|$)' /etc/vsftpd.conf listen=YES anonymous_enable=YES local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES chroot_local_user=YES secure_chroot_dir=/var/run/vsftpd pam_service_name=vsftpd rsa_cert_file=/etc/ssl/certs/vsftpd.pem pasv_min_port=65000 pasv_max_port=65535 > iptables -vnL FORWARD > iptables -t nat -vnL PREROUTING > на HN http://pastebin.ca/1020285 -- Всего наилучшего! Григорий greg [at] anastasia [dot] ru Письмо отправлено: 2008/05/16 21:38