port forward help

[floppy d]

hello,
I have been trying to port forward my dell truemobile 2300 for a few days and havent had any luck. I have cable internet through comcast and have in the past succesfully forwarded ports with my lynksys befsr41. Now that i think about it, though, i was messing around with that router a little more recently and couldnt get ports to forward. I assumed at the time i had configured it wrong and didnt spend much time messing with it. Now i am thinking that comcast is blocking incoming connections maybe?

here is what i have entered as the port forward settings.
Enable
yes
Service Name
ftp
Incoming Ports
From:20 To:21
Destination IP Address
192.168.1.3
Destination MAC Address
00:02:E3:22:EF:CE
Destination Port
From 20 To 21
Port Type
Both

ifconfig:
eth0 Link encap:Ethernet HWaddr 00:02:E3:22:EF:CE
inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST NOTRAILERS RUNNING MULTICAST MTU:1500 Metric:1
RX packets:46646 errors:0 dropped:0 overruns:0 frame:0
TX packets:33168 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:259875291 (247.8 Mb) TX bytes:16787430 (16.0 Mb)
Interrupt:19 Base address:0x8c00
nmap 24.11.xx.xx:
PORT STATE SERVICE
80/tcp open http
5190/tcp open aol
i dont know why those two are open or how to close them.

nmap 192.168.1.3:
PORT STATE SERVICE
21/tcp open ftp
ftp connects fine from another box inside the network.
I have tried to provide as much info as possible. I have also have problems forwarding other services other than ftp such as bittorrent and soulseek. Any help is appreciated. Thanks

[yaneurabeya]

I know that comcast does block SMTP connections and that you have to go through smtp.comcast.net, and I believe that they block other ports.

Just curious, are you setting this forwarding up through a router by chance?

[floppy d]

Yeah, im using a dell truemobile 2300. I hooked up my lynksis last night out of frustration and everything worked fine so it must be a problem with my router. I just cant for the life of me figure out what im doing wrong.

[yaneurabeya]

Is your linksys a router or a hub? What ports are you forwarding through your truemobile and what are the rules exactly?

[renihs]

ftp might not the be easiest service to forward (look up google for differences active/passive ftp), but make sure to use passive ftp when trying to connect to the forwarded box.

i guess u are using
$IPTABLES -t nat -A PREROUTING -p tcp -s <ip> --d <ip>--dport 20:21 -j DNAT --to-destination <destinationip>

that one should work fine, however u will need some fancier stuff i guess to forward active ftp connections (there is a HELPER modules to detect also active ftp connections)
_________________
Gentoos are the fastest underwater swimming birds, reaching speeds of 36 km/h (22.3 mph).
Height: 75cm (29in), Weight: 5.5kg
If you discover spelling errors, you are authorized to keep them.

[floppy d]

it's a router. There are three things that i am trying to get working. They are ftp, browseable shares in the nicotine soulseek client, and sharing through azureus. All three of them work fine under the lynksis router. Also ports 80 and 5190 aren't open when i port scan with the lynksis router. Im not using iptables at all unless its on without me knowing about it somehow. The ports that i am trying to forward are 20-21 for ftp, 7000-7004 for nicotine, and 6881 for azureus. Azurues gives me an ok using the dell router when i do a port test in the configuration wizard oddly enough, and people can download from me fine.

[yaneurabeya]

Are you aware that you might be able to setup your Dell Truemobile router to do the routing for you instead of worrying about setting up port forwarding on your main machine? What you need to do most likely is open up the admin screen in a browser by typing in the ip address for the router (you can find this out using ifconfig and then using the gateway address). Then if it gives options for configuring a DMZ, that's where you need to go in order to properly port forward through your router. Once again, I would read your documentation on your router though because there may be different steps to accomplish this.

Remember, routers (all the ones that I have encountered thus far) use NAT, so you need to setup the proper portforwarding through the router.

[floppy d]

yeah, thats what im doing. I dont have any other firewall or NAT setup.I set my browser to 192.168.2.1 and configure the router that way. DMZ sends all incoming traffic to the ip specified right? I tried using that and it still didnt work.

[yaneurabeya]

Hmmm... that should work if you have it setup properly, but then again I heard that Dells are PoS'es when it comes to routers/hubs (no offense cause Dell desktops are wonderful-albeit expensive...).

[floppy d]

yeah, this is driving me nuts. I bought it from a friend pretty cheaply to use the wireless. My budget is about as low as it gets.