Togan Muftuoglu wrote:
You should be able to use it via SuSEfirewall2 cool
[1] iptables -I PREROUTING -t nat -p tcp --dport 1720 -j REDIRECT [2] iptables -I INPUT -p tcp --dport 10200:10209 -j ACCEPT [3] iptables -I INPUT -p udp --dport 10200:10259 -j ACCEPT
Will translate into [1] FW_REDIRECT=192.168.0.0/24,0/0.1720.1720 I am assuming that you were just doing this from memory and slightly missed the syntax. according to the SuSEfirewall2 comments for this it should be source,dest,protocol,sourceport,destport so I wrote FW_REDIRECT="192.168.0.0/24,0/0,tcp,1720,1720"
are you sure it is this and not FW_REDIRECT="0/0,192.168.0.0/24,tcp,1720,1720" I got that far but it still doesn't work. I did the tests in the nmproxy help section "The proxy does not seem to work properly, or at all" and telnet localhost 1720 works but telnet firewall 1720 didn't work at first. I added 1720 to FW_ALLOW_INCOMING_HIGHPORTS_TCP and then it worked. Telnet some external address 1720 gets "connection refused". The help says If you get a "Connection refused" error, or it just times out, then the REDIRECT rule for port 1720 is either wrong, or is being interfered with by some other rule that precedes it. I tried both FW_REDIRECT="192.168.0.0/24,0/0,tcp,1720,1720" and FW_REDIRECT="0/0,192.168.0.0/24,tcp,1720,1720" but neither worked. Any suggestions? Damon Register