From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Virus-Scanned: Debian amavisd-new at mgts.by Message-ID: <46922361.6050304@mgts.by> Date: Mon, 09 Jul 2007 15:00:33 +0300 From: Evgeniy Kozhuhovskiy User-Agent: Mozilla-Thunderbird 2.0.0.4 (X11/20070618) MIME-Version: 1.0 To: slava@tangramltd.com, ALT Linux sysadmin discuss References: <4691F8E7.7040201@tangramltd.com> In-Reply-To: <4691F8E7.7040201@tangramltd.com> Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: quoted-printable Subject: Re: [Sysadmins] =?koi8-r?b?0NLPwtLP0yDQz9LUwSDEzNEgZnRw?= X-BeenThere: sysadmins@lists.altlinux.org X-Mailman-Version: 2.1.9rc1 Precedence: list Reply-To: ALT Linux sysadmin discuss List-Id: ALT Linux sysadmin discuss List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Jul 2007 12:01:13 -0000 Archived-At: List-Archive: Slava Dubrovskiy wrote: > =FA=C4=D2=C1=D7=D3=D4=D7=D5=CA=D4=C5. >=20 > =EF=C2 =DC=D4=CF=CD =D0=C9=D3=C1=CC=CF=D3=D8, =C9 =D0=CF=C8=CF=D6=C5 =CE= =C5 =D2=C1=DA, =CE=CF =DE=D4=CF-=D4=CF =D1 =D4=CF=D2=CD=CF=D6=D5 =C9 =CE=C5= =CD=CF=C7=D5 =CE=C9 > =CE=C1=CA=D4=C9 =CE=C9 =D3=C1=CD=CF=CD=D5 =C4=CF=C4=D5=CD=C1=D4=D8=D3=D1= =2E >=20 > =E5=D3=D4=D8 ftp =D3=C5=D2=D7=C5=D2, =C4=CF=D3=D4=D5=D0 =CB =CB=CF=D4=CF= =D2=CF=CD=D5 =D2=C1=DA=D2=C5=DB=C5=CE =D4=CF=CC=D8=CB=CF =D3 =C4=D2=D5=C7= =CF=C7=CF =D3=C5=D2=D7=C5=D2=C1. > =ED=CE=C5 =CE=C5=CF=C2=C8=CF=C4=C9=CD=CF =D4=C1=CB =CE=C1=D3=D4=D2=CF=C9= =D4=D8 =D7=D4=CF=D2=CF=CA =D3=C5=D2=D7=C5=D2, =DE=D4=CF=C2=D9 =CD=CF=D6=CE= =CF =C2=D9=CC=CF > =C9=D3=D0=CF=CC=D8=DA=CF=D7=C1=D4=D8 ftp =D0=C5=D2=D7=CF=C7=CF =D3=C5=D2= =D7=C5=D2=C1. >=20 > =E4=CC=D1 =DC=D4=CF=C7=CF =C9=D3=D0=CF=CC=D8=DA=D5=C0 iptables. =F0=D2=C1= =D7=C9=CC=C1 =D7=CF=D4 =D4=C1=CB=C9=C5: >=20 > IPTABLES=3D"/sbin/iptables" > INET_IFACE=3D"eth0" > INET_IP=3DIP =D7=D4=CF=D2=CF=C7=CF =D3=C5=D2=D7=C5=D2=C1 > FTP_SERVER_IP=3D IP ftp =D3=C5=D2=D7=C5=D2=C1 >=20 > $IPTABLES -t nat -A PREROUTING -d $INET_IP -i $INET_IFACE -p tcp -m tcp= > --dport 2111 -j DNAT --to-destination $FTP_SERVER_IP:20 > $IPTABLES -t nat -A PREROUTING -d $INET_IP -i $INET_IFACE -p tcp -m tcp= > --dport 2112 -j DNAT --to-destination $FTP_SERVER_IP:21 > $IPTABLES -t nat -A POSTROUTING -d $FTP_SERVER_IP -o $INET_IFACE -p all= > -j SNAT --to-source $INET_IP >=20 > =EE=CF =D0=D2=C9 =DC=D4=C9=C8 =D0=D2=C1=D7=C9=CC=C1=C8 =D0=D2=CF=C9=D3=C8= =CF=C4=C9=D4 =D4=CF=CC=D8=CB=CF =CB=CF=CE=C5=CB=D4 =CB =D3=C5=D2=D7=C5=D2= =D5, =C1 =D3=D0=C9=D3=CF=CB > =CB=C1=D4=C1=CC=CF=C7=CF=D7 =CE=C5 =D0=CF=CB=C1=DA=D9=D7=C1=C5=D4. =E9 = =DC=D4=CF =CE=C5 =DA=C1=D7=C9=D3=C9=CD=CF =CF=D4 =C1=CB=D4=C9=D7=CE=CF=C7= =CF =C9=CC=C9 =D0=C1=D3=D3=C9=D7=CE=CF=C7=CF > =D2=C5=D6=C9=CD=CF=D7. > =F4.=C5. =CE=C5 =D0=D2=CF=C9=D3=C8=CF=C4=C9=D4 =D0=C5=D2=C5=C4=C1=DE=C1= =C4=C1=CE=CE=D9=C8. =F0=CF=C4=D3=CB=C1=D6=C9=D4=C5, =CB=C1=CB =D0=D2=C1=D7= =C9=CC=D8=CE=CF > =D0=D2=CF=C2=D2=C1=D3=D9=D7=C1=D4=D8 ftp? >=20 modprobe ip_conntrack_ftp --=20 With best regards, Evgeniy Kozhuhovskiy, Network Administrator of MGTS // ugenk(at)mgts.by