Mailinglist Archive: opensuse-security (487 mails)
| < Previous | Next > |
suse-security list
- From: René Garizzao <rgarizzao@xxxxxxxxxxxxxx>
- Date: Thu, 24 Oct 2002 08:54:54 -0500
- Message-id: <200210240854.54454.rgarizzao@xxxxxxxxxxxxxx>
Hello Uli,
I present to you following porblem I haven't closed succesfully:
Configuration:
==========
Internal <---> Firewall (SuSE8.0) <---> Internet <---> Client
Web Server (int_dev: 10.3.1.10)
(10.3.1.34) (ext_dev: x.y.z.a)
Well, certain client shall connect to the internal Web server to make use of
a data base application. The Client should give the ext_dev ip address and
the desired port to connect, i.e. http://x.y.z.a:5678
The request should pass through the firewall and be redirected straight to the
webserver 10.3.1.34 .(port 80)
I tried different configuration examples without success. Have you any
experience wuthin?
SuSEfirewall Configuration
===================
(This configuration uses port 80 and not the desired high port 5678)
FW_DEV_EXT="eth1"
FW_DEV_INT="eth0"
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_NETS="10.3.0.0/16"
FW_PROTECT_FROM_INTERNAL="yes"
FW_AUTOPROTECT_SERVICES="yes"
FW_SERVICES_EXT_TCP="25 53 80"
FW_SERVICES_EXT_UDP="53"
FW_SERVICES_INT_TCP="25 53 80"
FW_SERVICES_INT_UDP="53"
FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes"
FW_ALLOW_INCOMING_HIGHPORTS_UDP="DNS"
FW_SERVICE_DNS="yes"
FW_FORWARD="0/0,x.y.z.a,tcp,80 x.y.z.a,10.3.1.34,tcp,80
0/0,10.3.1.34/255.255.255.255,tcp,80"
#
FW_REDIRECT="10.3.0.0/16,0/0,tcp,53,53 10.3.0.0/16,0/0,tcp,25,25
10.3.0.0/16,0/0,udp,53,53 10.3.1.34,0/0,tcp,80,80"
===========================================================
Thanks in advance for any further help you could provide me.
I present to you following porblem I haven't closed succesfully:
Configuration:
==========
Internal <---> Firewall (SuSE8.0) <---> Internet <---> Client
Web Server (int_dev: 10.3.1.10)
(10.3.1.34) (ext_dev: x.y.z.a)
Well, certain client shall connect to the internal Web server to make use of
a data base application. The Client should give the ext_dev ip address and
the desired port to connect, i.e. http://x.y.z.a:5678
The request should pass through the firewall and be redirected straight to the
webserver 10.3.1.34 .(port 80)
I tried different configuration examples without success. Have you any
experience wuthin?
SuSEfirewall Configuration
===================
(This configuration uses port 80 and not the desired high port 5678)
FW_DEV_EXT="eth1"
FW_DEV_INT="eth0"
FW_ROUTE="yes"
FW_MASQUERADE="yes"
FW_MASQ_NETS="10.3.0.0/16"
FW_PROTECT_FROM_INTERNAL="yes"
FW_AUTOPROTECT_SERVICES="yes"
FW_SERVICES_EXT_TCP="25 53 80"
FW_SERVICES_EXT_UDP="53"
FW_SERVICES_INT_TCP="25 53 80"
FW_SERVICES_INT_UDP="53"
FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes"
FW_ALLOW_INCOMING_HIGHPORTS_UDP="DNS"
FW_SERVICE_DNS="yes"
FW_FORWARD="0/0,x.y.z.a,tcp,80 x.y.z.a,10.3.1.34,tcp,80
0/0,10.3.1.34/255.255.255.255,tcp,80"
#
FW_REDIRECT="10.3.0.0/16,0/0,tcp,53,53 10.3.0.0/16,0/0,tcp,25,25
10.3.0.0/16,0/0,udp,53,53 10.3.1.34,0/0,tcp,80,80"
===========================================================
Thanks in advance for any further help you could provide me.
| < Previous | Next > |