Mailinglist Archive: opensuse-security (195 mails)
| < Previous | Next > |
Re: [suse-security] *WANTED: ipchains guru*
- From: Chrissy LeMaire <chrissy@xxxxxxxxxxxx>
- Date: Wed, 15 Mar 2000 23:45:59 -0800
- Message-id: <4.2.0.58.20000315232818.00af8c08@xxxxxxxxxxxxxxxxx>
I think you mean forwarding ports to other machines (as opposed to
just redirecting them on a particular interface/machine).
Oui :)
As for ipchains, i think it can do port forwarding itself-- this
is from /sbin/ipchains --help:
--destination -d [!] address[/mask] [!] [port[:port]]
destination specification
The destination, as far as I know is where the packet is headed. For instance, one of my chains says
/sbin/ipchains -A input -p tcp -s 0/0 -d 192.168.0.1/32 80 -j ACCEPT
"if the source of the packet is coming from any ip (0/0) and its destination is port 80 my own ip (192.168.0.1) ..accept it."
I fiddled with getting ipchains to do what redir does a few months ago..and did not get anywhere. ipchains can be used to redirect (-j REDIRECT) one port to another (ex. 192.168.0.1:80 -> 192.168.0.1:21), on the same IP address..but not to another IP address..
Chrissy
| < Previous | Next > |