Linux/AM3352: iptables ftp helper not working

Part Number:AM3352

Tool/software: Linux

Hi,

I have 2 devices (both AM3352) - one is for processing the data (let's call it MAIN), the other is for LCD, buttons and user interface (I'll refer to this one as HMI). Both are connected to each other with ppp (tun/tap) interface over RS422. On HMI is installed ftp server (vsftp to be specific), working in passive mode. I have to forward the connection coming to eth0 of MAIN thru ppp0 interface to ftp server on HMI.

Normally I would put this problem on some stack(Overflow/Exchange/Whatever), but I have reproduced my problem on VMs (I had working ftp on windows10 vm and new lubuntu for iptables) and my solution is working on desktops.

Here is my setup: (on VMs interfaces names and IPs are changed, rest is same)

## raw
iptables -t raw -A PREROUTING -p tcp -m tcp --dport 21 -j CT --helper ftp
## filter
iptables -A FORWARD -d 192.168.201.1/32 -p tcp -m tcp --dport 21 -j ACCEPT
## nat
iptables -t nat -A PREROUTING -p tcp -m tcp --dport 21 -j DNAT --to-destination 192.168.201.1:21
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

# cat /proc/sys/net/netfilter/nf_conntrack_helper
0
# cat /proc/sys/net/ipv4/ip_forward
1

# modprobe nf_nat_ftp
# lsmod
Module                  Size  Used by
nf_nat_ftp              1839  0
nf_conntrack_ftp        6534  2 nf_nat_ftp
xt_CT                   3205  1
iptable_raw             1510  1
xt_conntrack            2886  0
iptable_filter          1808  1
ipt_MASQUERADE          1102  1
nf_nat_masquerade_ipv4     2734  1 ipt_MASQUERADE
xt_nat                  1671  1
xt_tcpudp               2137  3
iptable_nat             1803  1
nf_conntrack_ipv4       6580  2
nf_defrag_ipv4          1435  1 nf_conntrack_ipv4
nf_nat_ipv4             5261  1 iptable_nat
nf_nat                 15612  4 xt_nat,nf_nat_ftp,nf_nat_masquerade_ipv4,nf_nat_ipv4
nf_conntrack           76225  8 nf_conntrack_ftp,nf_conntrack_ipv4,nf_nat_ftp,xt_CT,nf_nat_masquerade_ipv4,xt_conntrack,nf_nat_ipv4,nf_nat
ip_tables              11523  3 iptable_filter,iptable_raw,iptable_nat
x_tables               18629  8 xt_nat,ip_tables,iptable_filter,xt_tcpudp,iptable_raw,ipt_MASQUERADE,xt_CT,xt_conntrack

to connect I'm using filezilla - connection time outs after some time - to be sure I have same setup I have cloned setting and changed IP for both VM and am335x setups.

While connecting to HMI directly ftp is working fine.

I am using kernel: 4.9.50

from git://git.ti.com/ti-linux-kernel/ti-linux-kernel.git

commit: 4ad5dcaca7428dd2bc1a6a40c948e3799c1e27ae

I have also tried using two am335x connected with eth interface - same here so it's probably not ppp problem.

I'l be realy glad if you can at least show me some direction to look for an answer. 

Kind regards,

Marek