- 12-06-2009 #1
ls, dir hang up FTP client
Hello,
I'll start by explaining exactly what my setup is. I have 2 Fedora 10 systems: one is the server with VSFTPD installed, and the other is a gateway/router. Both machines are set up on a subnet, the server with IP 10.0.10.2 and the gateway/router with internal subnet IP 10.0.10.1 and 192.168.0.196 on the external subnet. I have set up iptables to forward connections for FTP incoming on 192.168.0.196 to the server's 10.0.10.2. I am able to connect just fine; however, I cannot get a directory listing, as either anonymous or as a local user. I need to do this in passive mode but am having some problems. Any assistance would be greatly appreciated. I have spent a very long time googling and reading, trying to come up with a solution, but with no luck.
Below is the error I am getting along with all my config files.
IPTABLES config on server
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
-A PREROUTING -i eth1 -p tcp --dport 20 -j DNAT --to-destination 10.0.10.2
-A PREROUTING -i eth1 -p tcp --dport 1024:65535 -j DNAT --to-destination 10.0.10.2
-A PREROUTING -i eth1 -p tcp --dport 21 -j DNAT --to-destination 10.0.10.2
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -o eth1 -j ACCEPT
-A FORWARD -i eth1 -m state --state NEW -m tcp -p tcp -d 10.0.10.2 --dport 20 -j ACCEPT
-A FORWARD -i eth1 -m state --state NEW -m tcp -p tcp -d 10.0.10.2 --dport 1024:65535 -j ACCEPT
-A FORWARD -i eth1 -m state --state NEW -m tcp -p tcp -d 10.0.10.2 --dport 21 -j ACCEPT
COMMIT

VSFTPD Config on FTP server (just the options I have added extra to allow me to connect anonymously and enable passive)
anonymous_enable=YES
anon_max_rate=131072
anon_root=/var/ftp
chown_upload_mode=0722
#Max Clients
max_clients=50
#
# Uncomment this to allow local users to log in.
local_enable=YES
#
#PASSIVE
pasv_enable=YES
port_enable=YES
pasv_max_port=65535
pasv_min_port=1024
# Uncomment this to enable any form of FTP write command.
write_enable=YES

FTP client Output
ftp> open 192.168.0.196
Connected to 192.168.0.196.
220 (vsFTPd 2.1.2)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (192.168.0.196:SHARPY): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (10,0,10,2,4,0).

I have reason to believe it may be something with the ports on IPTABLES, but I am at my wits' end... Any assistance would be greatly appreciated.
Thank you.
- 12-07-2009 #2
Do you have "ip_conntrack_ftp" loaded?
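
An added example, not part of either post: a small Python check that decodes the 227 reply from the session in post #1 and compares it with the address the client opened and the passive port range from the posted vsftpd options. The reply advertises the server's internal 10.0.10.2 rather than 192.168.0.196, which is the kind of mismatch the FTP connection-tracking/NAT helper asked about in reply #2 exists to handle. The function and constant names are chosen here for illustration.

```python
import re

# RFC 959 passive reply: "227 <text> (h1,h2,h3,h4,p1,p2)"
PASV_RE = re.compile(r"^227 .*?\((\d{1,3}(?:,\d{1,3}){5})\)")

# Inputs copied from the session and config in post #1
SAMPLE_REPLY = "227 Entering Passive Mode (10,0,10,2,4,0)."
CONTROL_ADDR = "192.168.0.196"   # address the client opened
PASV_RANGE = (1024, 65535)       # pasv_min_port / pasv_max_port


def parse_pasv(reply):
    """Return (ip, port) advertised in a 227 reply; raise ValueError if malformed."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    nums = [int(n) for n in m.group(1).split(",")]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in %r" % reply)
    ip = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]   # port is sent as two bytes, high byte first
    return ip, port


def check_pasv(reply, control_addr, port_range=PASV_RANGE):
    """List mismatches between the reply and what the client and gateway expect."""
    ip, port = parse_pasv(reply)
    problems = []
    if ip != control_addr:
        problems.append("advertised address %s is not the control address %s"
                        % (ip, control_addr))
    if not port_range[0] <= port <= port_range[1]:
        problems.append("port %d is outside the forwarded range %d-%d"
                        % (port, port_range[0], port_range[1]))
    return ip, port, problems


if __name__ == "__main__":
    ip, port, problems = check_pasv(SAMPLE_REPLY, CONTROL_ADDR)
    print("data connection target: %s:%d" % (ip, port))
    for p in problems:
        print("problem:", p)
```

For the reply in post #1 the port (1024) is inside the forwarded range, so the only finding is the address: the client is told to open its data connection to 10.0.10.2.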


