Mailinglist Archive: opensuse-security (193 mails)

[Ulf Rasch <u.rasch@xxxxxxxxxxxx>]

Wolfgang Kluge wrote:
> Good morning.
>
> I am quite new to configuring a firewall and I will appreciate any help 
> I can get.
>
> I am running SuSE 9.3, default Kernel on my firewall machine and want to 
> redirect client FTP requests to Frox proxy, port 2121 on the firewall 
> machine.
>
> In /etc/sysconfig/SuSEfirewall2, section 15 I set
> FW_REDIRECT="192.168.0.0/24,0/0,tcp,21,2121"
>
> But nothing gets redirected.  What did I overlook?
>
> Regards
>
> Wolfgang Kluge

The syntax is:

# 15.)
# A redirecting rule consists of 1) source IP/net, 2) destination IP/net,
# 3) protocol (tcp or udp) 3) original destination port and 4) local port to
# redirect the traffic to, seperated by a colon. e.g.:
# "10.0.0.0/8,0/0,tcp,80,3128 0/0,172.20.1.1,tcp,80,8080"
# Please note that as 2) destination, you may add '!' in front of the IP/net
# to specify everything EXCEPT this IP/net.
#

You want to say
FW_REDIRECT="0/0,192.168.0.XXX,tcp,21,2121"

0/0 means anywhere
192.168.0.XXX/24 would be the ip address to forward to. Relace the XXX 
to complete the IP address. (BTW 0 would not be valid)