On Sun, Feb 25, 2001 at 08:52:32PM -0600, Jeffrey Taylor wrote:
It doesn't. I added the following lines near the end of /sbin/SuSEfirewall. It is forwarding ports 61222 and 61223 to ssh on two different internal machines. Generallizing this so it can be done in the rc.config.d/firewall.rc.config like other rules is on my todo list.
HTH, Jeffrey
# FIXME: kludge for SSH redirection test "$1" = start && { $IPCHAINS -I input -j "$ACCEPT" -p tcp -i eth0 --dport 61222 -m "$COUNTER" -l -y $IPMASQADM mfw -I -m "$COUNTER" -r 172.20.10.18 ssh COUNTER=`expr 1 + $COUNTER`
$IPCHAINS -I input -j "$ACCEPT" -p tcp -i eth0 --dport 61223 -m "$COUNTER" -l -y $IPMASQADM mfw -I -m "$COUNTER" -r 172.20.10.24 ssh COUNTER=`expr 1 + $COUNTER` }
I've tried this (maybe a bit modified). There are neither COUNTER nor IPMASQADM variables in SuSEfirewall script. So I ran ipchains and ipmasqadm commands manually after starting rcfirewal. No good, nothing gets forwarded. ``ipmasqadm mfw -L'' shows correct results for the IP and port. I checked, I can access Apache on internal NT from firewal machine, but if I try to access it from outside, connection never opens. What version of firewals do you use? Do you set any values to FW_FORWARD_TCP in configuration file? What else may be different in my setup from yours? Thanks, -Kastus
Quoting Konstantin (Kastus) Shchuka
: Hi there,
Has anybody on the list got any success configuring port forwarding using firewals-2.1-5.rpm?
I am driven completely mad. I followed all comments in configuration file, I looked thoroughly through examples, -- to no avail!
I also tried ipmasqadm with mfw module--no good.
What I actually need to do:
I have SuSE 6.4 box as a firewall. I have an NT box on internal network. I need to make Apache running on NT visible from the Internet.
Pretty simple, you would say. I thought it too. It appeared not so simple.
Please help.
-Kastus
-- I don't do Windows and I don't come to work before nine. -- Johnny Paycheck
-- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq