Mailinglist Archive: opensuse-security (195 mails)
| < Previous | Next > |
Re: [suse-security] *WANTED: ipchains guru*
- From: Fred Mobach <fred@xxxxxxxxx>
- Date: Thu, 16 Mar 2000 08:40:25 +0100
- Message-id: <38D08FE8.1DD3AE54@xxxxxxxxx>
"Daniel L. Donahue" wrote:
> On Wed, 15 Mar 2000, Chrissy LeMaire wrote:
> >
> > Sorry, read too fast.. I dont think ipchains can do port forwarding at this
> > time, but "redir" kinda works (I got it to work for www, but not smtp)
> > redir is also available on freshmeat.net
> > The mailing list may be able to provide more info about port forwarding
>
>
> I think you mean forwarding ports to other machines (as opposed to
> just redirecting them on a particular interface/machine). Plenty of
> programs do-- redir is one, squid has the ability to do some incredibly
> complex tasks, and other utilities can be used like an ssh port forward
> (or even netcat for that matter).
Also rinetd for tcp and uredir for udp.
> As for ipchains, i think it can do port forwarding itself-- this
> is from /sbin/ipchains --help:
>
> --destination -d [!] address[/mask] [!] [port[:port]]
> destination specification
>
> This seems to imply that it can be handled by ipchains.
Not exactly, the [port[:port]] denotes a range of ports, e.g. 1:65535.
Regards,
Fred Mobach
> On Wed, 15 Mar 2000, Chrissy LeMaire wrote:
> >
> > Sorry, read too fast.. I dont think ipchains can do port forwarding at this
> > time, but "redir" kinda works (I got it to work for www, but not smtp)
> > redir is also available on freshmeat.net
> > The mailing list may be able to provide more info about port forwarding
>
>
> I think you mean forwarding ports to other machines (as opposed to
> just redirecting them on a particular interface/machine). Plenty of
> programs do-- redir is one, squid has the ability to do some incredibly
> complex tasks, and other utilities can be used like an ssh port forward
> (or even netcat for that matter).
Also rinetd for tcp and uredir for udp.
> As for ipchains, i think it can do port forwarding itself-- this
> is from /sbin/ipchains --help:
>
> --destination -d [!] address[/mask] [!] [port[:port]]
> destination specification
>
> This seems to imply that it can be handled by ipchains.
Not exactly, the [port[:port]] denotes a range of ports, e.g. 1:65535.
Regards,
Fred Mobach
| < Previous | Next > |