[ale] NAT proxy?

djinn at djinnspace.com djinn at djinnspace.com
Mon Jul 30 09:32:20 EDT 2001


Hi Dow,

I'm in the process of doing something similar with a web server sitting behind a
NAT/firewall.  I've been following Rusty Russell's HOWTOs and have found them to
be very readable,  and very helpful as well.

http://netfilter.samba.org/unreliable-guides/
http://netfilter.samba.org/unreliable-guides/packet-filtering-HOWTO/packet-filtering-HOWTO.linuxdoc.html

http://netfilter.filewatcher.org/unreliable-guides/NAT-HOWTO/NAT-HOWTO.linuxdoc.html

Good luck!!

jenn


Dow Hurst wrote:

> I have a project I am working on for someone and have come up with this
> scenario to figure out:
>
> What are the techniques for having connections initiated *from* the
> Internet passed thru a NAT based firewall and to a listening daemon on a
> server behind the NAT based firewall?
>
> I am interested in having specific IPs outside a firewall able to
> request services such as X connections or SSH connections from any of a
> set of servers that are behind a NAT/ipchains based firewall.  Is there
> a way to do this?
>
> Imagine a lab of PCs needing to connect to servers running chemistry
> software.  The PCs are represented by a known range of dynamic IPs and
> the servers are hidden behind a NAT/ipchains based firewall.  The
> non-networked address range behind the NAT firewall is 192.168.100.0.
> Can I have a proxy of sorts on the firewall willing to forward
> connections in a round robin fashion?  The first connection goes to
> 192.168.100.3, the second to 192.168.100.4, and so on.  Has anyone done
> this or know of any way to do it?  I understand that I can forward
> certain ports to a particular DMZ type server, but I want more
> flexibility.  Thanks for the help,
> Dow
>
> --
> __________________________________________________________
> Dow Hurst                   Office: 770-499-3428
> Systems Support Specialist  Fax:    770-423-6744
> 1000 Chastain Rd.
> Chemistry Department SC428  Email:dhurst at kennesaw.edu
> Kennesaw State University         Dow.Hurst at mindspring.com
> Kennesaw, GA 30144
> *********************************
> *Computational Chemistry is fun!*
> *********************************
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.





More information about the Ale mailing list