Ulf Rasch wrote:
Wolfgang Kluge wrote:
I am quite new to configuring a firewall and I will appreciate any help I can get.
I am running SuSE 9.3, default Kernel on my firewall machine and want to redirect client FTP requests to Frox proxy, port 2121 on the firewall machine.
In /etc/sysconfig/SuSEfirewall2, section 15 I set FW_REDIRECT="192.168.0.0/24,0/0,tcp,21,2121"
But nothing gets redirected. What did I overlook?
The syntax is:
# 15.)
# A redirecting rule consists of 1) source IP/net, 2) destination IP/net,
# 3) protocol (tcp or udp) 3) original destination port and 4) local port to
# redirect the traffic to, seperated by a colon. e.g.:
# "10.0.0.0/8,0/0,tcp,80,3128 0/0,172.20.1.1,tcp,80,8080"
# Please note that as 2) destination, you may add '!' in front of the IP/net
# to specify everything EXCEPT this IP/net.
#
You want to say FW_REDIRECT="0/0,192.168.0.XXX,tcp,21,2121"
0/0 means anywhere. 192.168.0.XXX/24 would be the IP address to forward to. Replace the XXX to complete the IP address. (BTW 0 would not be valid.)
Redirect means redirecting to a port on the _local_ machine. The term you are most likely looking for is 'forwarding'. Have a look at FW_FORWARD_MASQ.

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\   SUSE LINUX Products GmbH, Development
 V_/_  http://www.suse.de/
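An added illustration, not part of the thread and not SuSEfirewall2's own code: this shell function splits a FW_REDIRECT entry into the five fields from the section 15 comment and prints an iptables nat REDIRECT rule with the same match. The function name and the rule mapping are assumptions; the point is that field 2 only selects packets and field 5 is a port on the firewall itself.

```shell
#!/bin/sh
# Added example: map FW_REDIRECT entries to an equivalent iptables rule.
# Field order follows the section 15 comment quoted in the thread; fields are
# comma-separated and entries space-separated, as in that comment's example.

# redirect_to_iptables ENTRY (hypothetical helper name)
# Prints a nat-table REDIRECT rule with the same match; this mapping is an
# assumption for illustration, not the rule SuSEfirewall2 itself generates.
redirect_to_iptables() {
    entry=$1
    old_ifs=$IFS; IFS=,
    set -- $entry
    IFS=$old_ifs
    if [ $# -ne 5 ]; then
        echo "error: expected 5 fields, got $#: $entry" >&2
        return 1
    fi
    src=$1 dst=$2 proto=$3 dport=$4 lport=$5
    case $proto in
        tcp|udp) ;;
        *) echo "error: protocol must be tcp or udp: $proto" >&2; return 1 ;;
    esac
    for p in "$dport" "$lport"; do
        case $p in
            ''|*[!0-9]*) echo "error: port is not a number: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "error: port out of range: $p" >&2; return 1
        fi
    done
    # Field 2 only selects which packets match; a leading '!' negates it.
    case $dst in
        '!'*) dmatch="! -d ${dst#?}" ;;
        *)    dmatch="-d $dst" ;;
    esac
    # Field 5 is always a port on the firewall itself (REDIRECT is local).
    echo "iptables -t nat -A PREROUTING -s $src $dmatch -p $proto" \
         "--dport $dport -j REDIRECT --to-ports $lport"
}

# First entry is the original poster's value; second is a constructed sample.
FW_REDIRECT="192.168.0.0/24,0/0,tcp,21,2121 0/0,!172.20.1.1,tcp,80,8080"
for e in $FW_REDIRECT; do
    redirect_to_iptables "$e"
done
```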