[ale] Port forwarding question

Robert Hoffman rob at frankenlinux.com
Wed Feb 7 09:54:48 EST 2001


Hi Eric,

I use the following line on RedHat 6.2 to forward port 80 on the internet side of my firewall () to port 8080 on a machine on my internal network.

ipmasqadm portfw -a -P tcp -L 216.3.25.11 80 -R 192.168.2.23 8080

This line appears to match your entry, which makes me wonder whether the internal machine is being allowed to respond to the outside world. You should be able to test this by allowing all traffic originating inside your LAN to get masqueraded on the way out. Try these rules and then lock them down after you work out any other kinks in your firewall script.

#Accept and forward all outgoing from internal LAN
/sbin/ipchains -A input -b -s 192.168.0.0/24 -j ACCEPT
/sbin/ipchains -A forward -b -s 192.168.0.0/24 -d 0.0.0.0/0 -j MASQ

Hope this helps. 

-Rob Hoffman

---------- Original Message ----------------------------------
From: Eric_Brubakken at aoncons.com
To: ale at ale.org
Date: Wed, 7 Feb 2001 08:43:28 -0500

>
>
>I am still trying to get both my oracle and pop3 connections to work from
>outside my firewall.
>
>In my firewall script I have the following:
>
>/usr/sbin/ipmasqadm portfw -f
>/usr/sbin/ipmasqadm portfw -a -P tcp -L 64.81.31.123 1521 -R 192.168.0.2 1521
>/usr/sbin/ipmasqadm portfw -a -P tcp -L 64.81.31.123 110 -R 192.168.0.2 110
>
>As usual I really don't have a clue as to what I am doing here - I just know
>this does not work.  I do have most everything else working to the server ftp,
>telnet etc.  But just can't get this port forwarding working.  I have re-read
>both how-tos on ipchains and masquerading, but didn
>
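The condition raised in the reply, that a port-forward target must also be matched by a masquerade rule on the way out, can be checked against a firewall script before it is loaded. This is an added example, not part of either message; it assumes the script uses only the `ipmasqadm portfw -a` and `ipchains -A forward ... -j MASQ` forms shown in the thread, and the function names are hypothetical.

```python
import ipaddress
import shlex

# Constructed input: the portfw lines from the quoted message plus the
# forward-chain MASQ rule suggested in the reply.
SAMPLE_SCRIPT = """\
/usr/sbin/ipmasqadm portfw -f
/usr/sbin/ipmasqadm portfw -a -P tcp -L 64.81.31.123 1521 -R 192.168.0.2 1521
/usr/sbin/ipmasqadm portfw -a -P tcp -L 64.81.31.123 110 -R 192.168.0.2 110
#Accept and forward all outgoing from internal LAN
/sbin/ipchains -A forward -b -s 192.168.0.0/24 -d 0.0.0.0/0 -j MASQ
"""


def _arg(tokens, flag):
    """Return the token following `flag`, or None if the flag is absent."""
    if flag in tokens and tokens.index(flag) + 1 < len(tokens):
        return tokens[tokens.index(flag) + 1]
    return None


def parse(script):
    """Collect portfw targets and masqueraded source networks from a script."""
    targets, masq_nets = [], []
    for line in script.splitlines():
        tok = shlex.split(line, comments=True)  # drops '#' comment lines
        if not tok:
            continue
        tool = tok[0].rsplit("/", 1)[-1]
        if tool == "ipmasqadm" and "-a" in tok and _arg(tok, "-R"):
            port = tok[tok.index("-R") + 2]
            targets.append((ipaddress.ip_address(_arg(tok, "-R")), int(port)))
        elif (tool == "ipchains" and _arg(tok, "-A") == "forward"
              and _arg(tok, "-j") == "MASQ" and _arg(tok, "-s")):
            masq_nets.append(ipaddress.ip_network(_arg(tok, "-s"), strict=False))
    return targets, masq_nets


def uncovered_forwards(script):
    """Port-forward targets that no forward-chain MASQ rule's source matches."""
    targets, masq_nets = parse(script)
    return [(str(ip), port) for ip, port in targets
            if not any(ip in net for net in masq_nets)]


if __name__ == "__main__":
    for ip, port in uncovered_forwards(SAMPLE_SCRIPT):
        print(f"portfw target {ip}:{port} has no matching MASQ rule")
```

An empty result means every forwarded host falls inside a masqueraded source network; it does not prove the rest of the rule set lets the traffic through.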