Re: AW: [suse-security] port forwarding with ipchains / firewallpacka ge suse 6.4
thanks to everybody who droped me a lign. I eventually tried it with rinetd and I works just perfect. Cool thing, but why isn't it mentioned anywhere in the firewall section of the Book that comes with the 6.4 distro? anyway, thanks & enjoy the weekend -florian On Thu, 25 May 2000, "Bär, Wolfgang" wrote:
Hi,
I'm using series n, rinetd for smtp, pop forwarding... works fine :-)
If you need details, mail me
Mit freundlichen Gruessen,
W.Bär
IVM GmbH & Co KG -EDV- Tel: +49 (89) 62 189-583 Candidplatz 11 Fax: +49 (89) 62 189-123 D-81534 Muenchen
-----Ursprüngliche Nachricht----- Von: Florian Gnägi [mailto:gnaegi@icu.unizh.ch] Gesendet: Donnerstag, 25. Mai 2000 18:19 An: suse-security@suse.de Betreff: [suse-security] port forwarding with ipchains / firewallpackage suse 6.4
Hi
I have serious problems installing a working port forwarding setup on a SuSE 6.4 box. I have a internal webserver I want to make public.
+------------+ +--------------------+ internet ---| myfirewall |----| internal www-server| | 195.x.x.x. | | 10.10.10.150 | +------------+ +--------------------+
I've red all kind of masquerade, ipchains and firewall-howtos I could get but it still doesn't work or said the other way round: I just don't get it.
I have no problem using the Internet from the internale network, masquerading seems to work fine.
I'm using the /etc/rc.config.d/firewall.rc.config file with the parameters
FW_SERVICES_EXTERNAL_TCP="www ssh domain smtp" FW_FORWARD_TCP="0/0,10.10.10.150,80"
but it doesn't work. I tried all other kind of combinations and also with the option
FW_REDIRECT_TCP="0/0,10.10.10.150,80,80"
but I can't make it work.
I installed ipmasqadm since I couldn't find it on the CD's and it was mentioned in all the howto's
However,
portfw -a -P tcp -L 195.x.x.x.x 80 -R 10.10.10.150 80
didn't change anything neither.
I'm using the standard 2.2.14 kernel which comes with SuSE 6.4, I recompiled and made sure alle IP and firewall options found their way into my kernel.
Any hints and help would be apprechiated very much. I can send you a ipchains-save dump if this helps helping me...
Do I need to install anything that doesn't come automatically with the suse firewall package?
greetings
-florian
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
thanks to everybody who droped me a lign. I eventually tried it with rinetd and I works just perfect. Cool thing, but why isn't it mentioned anywhere in the firewall section of the Book that comes with the 6.4 distro?
:-) Write to the author! Good idea. Another trick: Suppose I'm on host "hostA" and I want to forward all SMTP connections to "hostB", port 2500: root@hostA:~ # ssh -f -g -L 25:hostB:2500 hostA /bin/sleep 999999999 (*) (*): long enough...
anyway, thanks & enjoy the weekend
-florian
Viele Grüße, Roman. -- _ _ | Roman Drahtmüller "The best way to pay for a | CC University of Freiburg lovely moment is to enjoy it." | email: draht@uni-freiburg.de - Richard Bach | - -
participants (2)
-
Florian Gnägi
-
Roman Drahtmueller