2 Problems: transparent mode and iptables, chroot with non root
![](https://seccdn.libravatar.org/avatar/6e0fd7c96c6cefd8efae40594ab99a39.jpg?s=120&d=mm&r=g)
I have 2 problems using ftp-proxy (I tried 1.7tp5 - 1.7tp7) under Suse 7.2 1) Transparent proxying does not work. I used the following iptables command: iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 21 -j REDIRECT --to-port 2121 The ftp-proxy listens to 2121. When the client tries to connect in transparent mode the proxy closes the connection after I enter the login name. This is the corresponding log message: TECH-ERR can't eval DestAddr for [client ip address] I tried to set a listen address and TranslatedAddress (TranslatedAddress 0.0.0.0) but it dosn't help. Is it generally possible doing transparency with ftp-proxy and iptables or does it just works with ipchains? (Non transparent mode works fine.) 2) When I configure a chroot environment I cannot configure the proxy to use a non privileged user. I get the following error in the log file: TECH-ERR can't chroot to '/var/ftp-proxy/rundir' (chroot with user root works fine.) Of course only root has the rights to do chroot(). Maybe it might be possible to set the uid just after the chroot() command. Any ideas? TIA Daniel
participants (1)
-
"Daniel Erdös"