Page MenuHomeVyOS Platform

Passive FTP + NAT + Privileged Port
Closed, ResolvedPublic


i got problem, on builds of VyOS based on PRE 4.11 kernel, NAT rules like:

show nat destination 
 rule 10 {
     destination {
     inbound-interface vtun1
     translation {

works like a charm, but on builds based on kernel AFTER 4.11 Active FTP wont work...
I came to conclusion that its because of net.ipv4.ip_unprivileged_port_start in new kernel versions.
Am I right? How to configure NAT now?


Difficulty level
Unknown (require assessment)
Why the issue appeared?
Will be filled on close

Event Timeline

hexes created this task.Jan 24 2019, 1:26 AM
hexes created this object in space S1 VyOS Public.
Line2 added a subscriber: Line2.Jan 24 2019, 2:58 PM

are you sure, or could it be related to conntrack helper topic in T1141?

hexes added a comment.Jan 24 2019, 4:09 PM

I'm not sure. Only hypothesis...

THANKS! You absolutely right! That's it!

hexes closed this task as Resolved.Jan 24 2019, 4:09 PM