Linux, Networking

Both are completely different

IP Masquearade is just PAT (port address translation, 1 to many NAT type… google for it)
This is different then ip masquerade which is PAT
Exerpts are from ProFTPD docs:
ProFTPD and MasqueradeAddress from LAN Network
#############################################
This might be a stupid mistake but it made me headache all night long. I made the FTPES testing on ProFTPD on Ubuntu 8.04, in order to access from the internet, then I have to configure MasqueradeAddress to the domain name that can resolve to my WAN IP address from outside. But If I set MasqueradeAddress, I will have the problem on FTP Layer in all CMS, Joomla, WordPress. The CMS will show the error message that it cannot find the correct path of the editing file, etc. If included the wordpress auto updating problem, I had this problem few weeks already, but at that time I didn’t know that this is the same problem.
What is MasqueradeAddress?
===========================
MasqueradeAddress is one directive in ProFTPD that use together with PassivePorts for TLS connection.
MasqueradeAddress causes the server to display the network information for the specified IP address or DNS hostname to the client, on the assumption that that IP address or DNS host is acting as a NAT gateway or port forwarder for the server.
# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
PassivePorts                  53100 53199
# If your host was NATted, this option is useful in order to
# allow passive tranfers to work. You have to use your public
# address and opening the passive ports used on your firewall as well.
MasqueradeAddress        namo.sppc.in.th
resource: http://www.proftpd.org/docs/directives/linked/config_ref_MasqueradeAddress.html
What was the problem?
======================
If your server is a home server or behind NAT firewall router, the resolved IP Address from WAN and LAN from domain name may be not same. In my case If I enable MasqueradeAddress, my ftp client (filezilla) can connect to FTP server correctly without any problem, but there is a problem if I use ftp via application. I think in that case the server name is localhost, and it has some conflict about this MasqueradeAddress directive.
What is the resolution?
========================
After I googled for a while, in this case I have to configure virtualhost in proftpd configuration, which call only specific domain name, and proftpd will activate MasqueradeAddress seperately for each virtualhost.
===================================================================
From PROFTPD DOCS
#################
MasqueradeAddress
Name
=====
MasqueradeAddress — Configure the server address presented to clients
Synopsis
=========
MasqueradeAddress [ MasqueradeAddress ip-address|dns-hostname]
Default:
none
Context:
server config, <VirtualHost>
Module:
mod_core
Compatibility:
1.2.2 and later
Description
============
MasqueradeAddress causes the server to display the network information for the specified IP address or DNS hostname to the client, on the assumption that that IP address or DNS host is acting as a NAT gateway or port forwarder for the server.
See also
Examples
==========
    MasqueradeAddress nat-gw.mydomain.com

Leave a Reply

Your email address will not be published. Required fields are marked *