I had just requested whitelisting of an IP on my VPS, tried to connect to the FTP server but I was still blocked… “What could be wrong?”, I wondered and decided to check the external IP address.
$ dig +short myip.opendns.com @resolver1.opendns.com 220.127.116.11
Well, crap… that’s the servers address, but not the address that is assigned to the user. After searching for at least an hour, I stumbled upon this command:
iptables -t nat -A POSTROUTING -m owner --uid-owner USER -j SNAT --to-source IP
So, in my case this became:
iptables -t nat -A POSTROUTING -m owner --uid-owner pingwin -j SNAT --to-source 18.104.22.168
The only thing I’m still figuring out is why this sometimes gets reset. The server does not reboot, nor does the firewall restart. I’m thinking of just creating a cronjob to repeat this command every few hours, but that’s not really clean solution.