There are few places harder to get to in this world. But therearen't anywhere it's harder to live.The average temperature in Antarctica at the bottom of the Earth is a balmy 58 degrees below.That's when the sun is out.For millions of years they have made their home on the darkest,driest, windiest and coldest continent on Earth.The Penguins.Penguin is technically a bird. Although one that makes his home in the sea. Each year at around the same time he will leave the comfort of his ocean home and embark on a remarkable journey.He will travel a great distance and though he is a bird. he won't fly.Though he lives in the sea. he won't swim. Mostly, he will walk.But he won't walk alone.It is March ......
March of the Penguins ,The IceWalkerz!!


Sound Tracks of "March of the Penguins ", feature film by National Geographic Channel.
What is Linux ? You’d probably say, “Linux is an operating system.” Yes, but remember, however, that the strictest definition of Linux is only the kernel . The more relaxed definition would be an overall package called a distribution that is ready to install and use. There are well over 300 distributions of Linux, most of them containing commonly-needed applications—and even games! Linux was originally meant to be a UNIX clone. Here, by clone,we mean that it would look and behave like UNIX. But bear in mind that Linux does not contain a single line of UNIX code! The source code of the two is entirely different.Linux was officially introduced only in 1991 by its famed creator Linus Torvalds,who at the time was a student at the University of Helsinki in Finland. Little did he know that his creation would grow in size and popularity to the extent it has today.Linux is what it is today because of the help of developers who worked on it not for money but for the kick of it. They were driven by passion and belief in a cause.Did you know that most servers today run on Linux? That means there’s a good chance there’s Linux somewhere behind all those Web pages you see. Linux is not just an OS you use at home instead of Windows; a whole range of enterprise suites are now based on the Linux platform. From network servers to Web servers, several places have Linux as the backbone.There are countless brains at work who pursue the technology—not for money, but out of sheer interest and passion.Linux boasts of some of the best online peer support today. Linux is standing today showing the IT world the innovation that can be achieved by sheer community work. And,Linux is free too. It appears, there is after all something like a free lunch! When the world around you is trying Linux, why would you want to be leaving behind the excitement?

Thursday, January 8, 2009

FTP port forwarding using Iptables

Well, let’s imagine rather trivial situation: you have Linux router connected to internet via e.g. ADSL modem and some local network comprising several computers and servers connected to that router via switches and/or Wi-Fi access points.

Done? Ok.

There is one public IP assigned to WAN interface of the router while FTP server (of course run by Linux as well) has IP something like 192.168.123.14 or 172.16.*.* or 10.*.*.*. Moreover you want to allow people to access your FTP from every corner of Internet… So, there are several ways how to apply this but let’s talk about how to achieve this by means of using port forwarding feature that is available in any router’s functions list.

So, let’s say we have the following configuration:

Internet <-> [a] router [b] <-> [c] FTP server

[a] is WAN interface with 212.213.214.215 (just an example) IP assigned to it, [b] is NIC with 192.168.0.1 and [c] is server’s interface with IP 192.168.0.2. All what we need is that users from Internet can access FTP server using 212.213.214.215 IP and default 21 TCP port.

One of the main problems is that passive mode of FTP service uses any port from range 1024 to 65535 so it’s not enough to forward 21/20 ports to FTP server and let the ball rolling. So, go to servers’ CLI and open configuration file of an FTP service. It would be vsftpd, proftpd whatever. Let’s say we have vsftpd so we have to add the following lines to /etc/vsftpd.conf:

pasv_min_port=12000
pasv_max_port=13000

When changes are saved restart vsftpd server.

Now access router’s CLI and type the following:

iptables -t nat -I PREROUTING -d 212.213.214.215 -p tcp -m tcp --dport 21 -j DNAT --to-destination 192.168.0.1

iptables -t nat -I PREROUTING -d 212.213.214.215 -p tcp -m tcp --dport 12000:13000 -j DNAT --to-destination 192.168.0.1

This will add netfilter port forwarding rules which will redirect traffic coming at routers’ public IP through 21 TCP port to FTP server and will properly handle passive FTP mode.

[ref: http://www.linuxscrew.com ]
at Thursday, January 08, 2009

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)