Question

I use a Linux server as a NAT device. Currently it looks like [PC1,2,3]--[Linux]--[Internet]

There is no issue at all, but I'm curious: when I open a service (e.g. FTP, WWW) on my PC1, does my [Linux] also open a port service on it?

I traced the code for CONFIG_NF_CONNTRACK_FTP and CONFIG_NF_NAT_FTP, but I can't find any related code about opening a port.

Thanks for reading.


Solution

There are various techniques used to make a router/firewall automatically forward ports to its clients. For example, there are protocols such as IGD, NAT-PMP and similar. But those protocols need to be implemented on both the router and the client, so automatic port mapping won't work out of the box in many cases.

The kernel config lines you are referring to, CONFIG_NF_CONNTRACK_FTP and CONFIG_NF_NAT_FTP, are used for another reason: because the FTP protocol uses two different TCP streams for communication (one of which does not have to be "listened" by the server), your firewall needs extra "effort" to track the connection and act accordingly.
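The "extra effort" described above, as an added example that is not part of the original answer and is not kernel code: a simplified user-space sketch of what an FTP tracking/NAT helper does with the control channel. It reads the data address announced in a PORT command or 227 reply, records it as an expected connection, and rewrites it for NAT, without creating any listening socket on the router. The function names, the struct and the sample addresses are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Data connection the router expects, learned from the control channel. */
struct ftp_expect { unsigned char ip[4]; unsigned short port; };

/* Parse "PORT h1,h2,h3,h4,p1,p2" or "227 ... (h1,h2,h3,h4,p1,p2)".
 * peer_ip is the host that sent the line; an announced address that differs
 * is refused, so no expectation is created toward a third host. */
int ftp_parse_addr(const char *line, const unsigned char peer_ip[4],
                   struct ftp_expect *e)
{
    unsigned int v[6];
    const char *p;
    int i;
    if (strncmp(line, "PORT ", 5) == 0)
        p = line + 5;
    else if (strncmp(line, "227 ", 4) == 0 && (p = strchr(line, '(')) != NULL)
        p++;
    else
        return -1;
    if (sscanf(p, "%3u,%3u,%3u,%3u,%3u,%3u",
               &v[0], &v[1], &v[2], &v[3], &v[4], &v[5]) != 6)
        return -1;
    for (i = 0; i < 6; i++)
        if (v[i] > 255 || (i < 4 && v[i] != peer_ip[i]))
            return -1;
    for (i = 0; i < 4; i++)
        e->ip[i] = (unsigned char)v[i];
    e->port = (unsigned short)(v[4] * 256 + v[5]);
    return 0;
}

/* NAT step: re-emit the command with the router's public address and port. */
int ftp_rewrite_port(const struct ftp_expect *pub, char *out, size_t len)
{
    int n = snprintf(out, len, "PORT %u,%u,%u,%u,%u,%u\r\n",
                     (unsigned)pub->ip[0], (unsigned)pub->ip[1],
                     (unsigned)pub->ip[2], (unsigned)pub->ip[3],
                     (unsigned)(pub->port >> 8), (unsigned)(pub->port & 0xff));
    return (n > 0 && (size_t)n < len) ? 0 : -1;
}

int main(void)
{
    const unsigned char pc1[4] = {192, 168, 1, 10};  /* constructed sample */
    struct ftp_expect e;
    if (ftp_parse_addr("PORT 192,168,1,10,195,80\r\n", pc1, &e) == 0)
        printf("expect data connection to port %u\n", (unsigned)e.port);
    return 0;
}
```

The expectation is only a table entry matched against later packets, which is why tracing the helper turns up parsing and rewriting code rather than anything that opens a port.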

Licensed under: CC-BY-SA with attribution