Re: TR: Connection tracking with lvs

To: Stéphane Klein <sklein@xxxxxxxxxxxxxxxxxxx>
Subject: Re: TR: Connection tracking with lvs
Cc: "'lvs-users@xxxxxxxxxxxxxxxxxxxxxx'" <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
From: Julian Anastasov <ja@xxxxxx>
Date: Sun, 29 Aug 2004 08:14:08 +0300 (EEST)

On Fri, 27 Aug 2004, Stéphane Klein wrote:

> > But , i've tried to use your example to setup active and passive FTP.
> > I can authenticate, but i can't list or send data. I can see packet
> > in the conntrack file that with dport=20, but the ftp server tried
> > to send a SYN_SENT and have no reply.
> >
> > ip_vs_ftp is loaded as module
> > ip_nat_ftp and ip_conntrack_ftp are in the kernel
> >
> > I used iptables rules of your example in the HOWTO.
> >
> > I saw this article where you said it's necessary to patch the
> > kernel to work
> > with ip_nat_ftp
> > (
> > That patch is for kernel 2.6.5. Is this patch included in
> > your nfct patch or is
> > it necessary to apply this patch?

        Yes, it is needed if you are loading ip_nat_ftp. I didn't
received any replies from the netfilter coreteam about this patch,
so I just linked it to the web site: ip_nat_ftp-2.6.5-1.diff


Julian Anastasov <ja@xxxxxx>
<Prev in Thread] Current Thread [Next in Thread>