[K12OSN] FTP redirect?

Jim Kronebusch jim at winonacotter.org
Tue Jul 12 14:08:29 UTC 2005

> Nope, the second.  My users are used to connecting to "ourserver.org" 
> for ftp.  The machine that runs email now (thus "ourserver.org") no 
> longer hosts home directories -- so I need to have access ftp traffic 
> going to "ourserver.org" redirect to "ftp.ourserver.org"
> I can do it for outside traffic (via portforwarding on my ipcop 
> firewall) -- but I'm not sure how to do it internally, where 
> there is no 
> redirection, but rather direct connection to a 10. address.
> (I have a bogus DNS server inside our network that points traffic for 
> ourserver.org to an internal 10. address)

Okay, that is a little more clear.  So what you are saying is externally
you don't have a problem because ftp.ourserver.org and ourserver.org
point to the same IP and your port forwarding will handle who traffic is
directed to.  But internally you have no port forwarding thus if your
internal DNS server pointed both to the same IP you would be directed to
the wrong machine.

First off there is a lesson here.  Make sure you use a complete url in
the future.  For mail make sure to at least use mail.yourserver.com, for
ftp use ftp.yourserver.com, for web use www.yourserver.com, for blah use
blah.yourserver.com.  I have made the same mistake as well.  It seems
simpler when everything is on one server to use the shorter address, but
bites you in the ass when you want to split them up.

So now you are wondering if ourserver.org could have its iptable process
the incoming request, and if the request is for ports 20 or 21, forward
the request to ftp.ourserver.org.  Anyone?  I don't know enough about IP
tables to help here.  I don't see why this wouldn't be possible, add
something that says forward any requests for ports x and y to ip
xxx.xxx.xxx.xxx and let all others pass through locally.

This message has been scanned for viruses and
dangerous content by the Cotter Technology 
Department, and is believed to be clean.

More information about the K12OSN mailing list