Re: [SLE] How do I forward a port to a computer using IPChains
--- Tom Nielsen <tom@neuro-logic.com> wrote:
I'm not using SuSEfirewall. My firewall box is a stand-alone Red Hat which I bought 2 years ago. It's running IPChains. My work box (Suse 8.0) is not running a firewall because it's behind the firewall box.
Thoughts?
Wouldn't you do the forwarding on the redhat box? whatever software your using on SuSE just needs the port its using forwarded, and calls to the port forwarded in? just my speculation, I'm no expert by a long shot... __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com
On Mon, 2002-12-02 at 16:12, Count Schemula wrote:
--- Tom Nielsen <tom@neuro-logic.com> wrote:
I'm not using SuSEfirewall. My firewall box is a stand-alone Red Hat which I bought 2 years ago. It's running IPChains. My work box (Suse 8.0) is not running a firewall because it's behind the firewall box.
Thoughts?
Wouldn't you do the forwarding on the redhat box?
Yes. I just don't know the proper commands.
whatever software your using on SuSE just needs the port its using forwarded, and calls to the port forwarded in?
I just want to ssh into my box which is behind the firewall box. I can do a 2-part ssh.... ssh into firewall then ssh into my box, but transfering files becomes a bit hard.
Hi To forward a port with ipchains use: "ipmasqadm portfw -a -P tcp -L s.s.s.s <port> -R d.d.d.d [<dest-port>]" replace s.s.s.s with source-ip, usually the ext-interface IP, and d.d.d.d with the SuSE box IP. The last IP can be used to change the port number too.. but not needed, if the port stays the same. Hope this helps. Jaska. On Tuesday 03 December 2002 02:34, Tom Nielsen wrote:
On Mon, 2002-12-02 at 16:12, Count Schemula wrote:
--- Tom Nielsen <tom@neuro-logic.com> wrote:
I'm not using SuSEfirewall. My firewall box is a stand-alone Red Hat which I bought 2 years ago. It's running IPChains. My work box (Suse 8.0) is not running a firewall because it's behind the firewall box.
Thoughts?
Wouldn't you do the forwarding on the redhat box?
Yes. I just don't know the proper commands.
whatever software your using on SuSE just needs the port its using forwarded, and calls to the port forwarded in?
I just want to ssh into my box which is behind the firewall box. I can do a 2-part ssh.... ssh into firewall then ssh into my box, but transfering files becomes a bit hard.
Thanks for the information. Quick question: does it matter what port I use if I'm SSH'ing in? Whoops, one more: is there anything I should do on my SuSE box? Thanks for the information!!! Tom On Tue, 2002-12-03 at 15:08, jaakko tamminen wrote:
Hi
To forward a port with ipchains use:
"ipmasqadm portfw -a -P tcp -L s.s.s.s <port> -R d.d.d.d [<dest-port>]"
replace s.s.s.s with source-ip, usually the ext-interface IP, and d.d.d.d with the SuSE box IP.
The last IP can be used to change the port number too.. but not needed, if the port stays the same.
Hope this helps.
Jaska.
On Tuesday 03 December 2002 02:34, Tom Nielsen wrote:
On Mon, 2002-12-02 at 16:12, Count Schemula wrote:
--- Tom Nielsen <tom@neuro-logic.com> wrote:
I'm not using SuSEfirewall. My firewall box is a stand-alone Red Hat which I bought 2 years ago. It's running IPChains. My work box (Suse 8.0) is not running a firewall because it's behind the firewall box.
Thoughts?
Wouldn't you do the forwarding on the redhat box?
Yes. I just don't know the proper commands.
whatever software your using on SuSE just needs the port its using forwarded, and calls to the port forwarded in?
I just want to ssh into my box which is behind the firewall box. I can do a 2-part ssh.... ssh into firewall then ssh into my box, but transfering files becomes a bit hard.
-- Tom Nielsen <tom@neuro-logic.com> Neuro Logic Systems
OK - now HOW do I do it with iptables ??? Jon => -----Original Message----- => From: Tom Nielsen [mailto:tom@neuro-logic.com] => Sent: Wednesday, 4 December 2002 3:16 AM => To: SuSE Linux-e => Subject: Re: [SLE] How do I forward a port to a computer => using IPChains => => => Thanks for the information. Quick question: does it matter => what port I use if I'm SSH'ing in? Whoops, one more: is => there anything I should do on my SuSE box?
Linux journal had an interresting article about ftp proxy. And specified the iptables command: http://www.linuxjournal.com/modules.php?op=modload&name=NS-lj-issues/issue104&file=6333l2 iptables -t nat -A PREROUTING -p tcp -i eth2 \ --dport 21 -j REDIRECT iptables -t nat -A PREROUTING -p tcp -i eth0 \ --dport 21 -j REDIRECT # snip... iptables -A INPUT -p tcp -d $PUBLIC_FTP \ --dport 21 -m state --state NEW,RELATED -j ACCEPT iptables -A INPUT -p tcp -s $INTERNAL_HOSTS \ --dport 21 -m state --state NEW,RELATED -j ACCEPT # snip... iptables -A OUTPUT -p tcp -d $PUBLIC_FTP \ --dport 21 -m state --state NEW,RELATED -j ACCEPT iptables -A OUTPUT -p tcp -o eth2 --dport 21 \ -m state --state NEW,RELATED -j ACCEPT Should help you on the way.... Jon Biddell wrote:
OK - now HOW do I do it with iptables ???
Jon
=> -----Original Message----- => From: Tom Nielsen [mailto:tom@neuro-logic.com] => Sent: Wednesday, 4 December 2002 3:16 AM => To: SuSE Linux-e => Subject: Re: [SLE] How do I forward a port to a computer => using IPChains => => => Thanks for the information. Quick question: does it matter => what port I use if I'm SSH'ing in? Whoops, one more: is => there anything I should do on my SuSE box?
-- Check the headers for your unsubscription address For additional commands send e-mail to suse-linux-e-help@suse.com Also check the archives at http://lists.suse.com Please read the FAQs: suse-linux-e-faq@suse.com
Hi Well, You can use whatever port You want, just put that into /etc/ssh/sshd_config, and restart sshd. But be sure not to use some port that is "reserved" by another application / server. Default 22 is okay... To use port-forwarding, there is nothing more to do.. By default, port forwarding is active with SuSE 8.0. Jaska. On Tuesday 03 December 2002 18:15, Tom Nielsen wrote:
Thanks for the information. Quick question: does it matter what port I use if I'm SSH'ing in? Whoops, one more: is there anything I should do on my SuSE box?
Thanks for the information!!!
Tom
On Tue, 2002-12-03 at 15:08, jaakko tamminen wrote:
Hi
To forward a port with ipchains use:
"ipmasqadm portfw -a -P tcp -L s.s.s.s <port> -R d.d.d.d [<dest-port>]"
replace s.s.s.s with source-ip, usually the ext-interface IP, and d.d.d.d with the SuSE box IP.
The last IP can be used to change the port number too.. but not needed, if the port stays the same.
Hope this helps.
Jaska.
On Tuesday 03 December 2002 02:34, Tom Nielsen wrote:
On Mon, 2002-12-02 at 16:12, Count Schemula wrote:
--- Tom Nielsen <tom@neuro-logic.com> wrote:
I'm not using SuSEfirewall. My firewall box is a stand-alone Red Hat which I bought 2 years ago. It's running IPChains. My work box (Suse 8.0) is not running a firewall because it's behind the firewall box.
Thoughts?
Wouldn't you do the forwarding on the redhat box?
Yes. I just don't know the proper commands.
whatever software your using on SuSE just needs the port its using forwarded, and calls to the port forwarded in?
I just want to ssh into my box which is behind the firewall box. I can do a 2-part ssh.... ssh into firewall then ssh into my box, but transfering files becomes a bit hard.
participants (5)
-
Count Schemula -
jaakko tamminen -
Jon Biddell -
Magnus Hagebris -
Tom Nielsen