Mailinglist Archive: opensuse-security (195 mails)

< Previous Next >
Re: [suse-security] *WANTED: ipchains guru*
  • From: Chrissy LeMaire <chrissy@xxxxxxxxxxxx>
  • Date: Wed, 15 Mar 2000 23:45:59 -0800
  • Message-id: <4.2.0.58.20000315232818.00af8c08@xxxxxxxxxxxxxxxxx>


I think you mean forwarding ports to other machines (as opposed to
just redirecting them on a particular interface/machine).

Oui :)



As for ipchains, i think it can do port forwarding itself-- this
is from /sbin/ipchains --help:

--destination -d [!] address[/mask] [!] [port[:port]]
destination specification

The destination, as far as I know is where the packet is headed. For instance, one of my chains says
/sbin/ipchains -A input -p tcp -s 0/0 -d 192.168.0.1/32 80 -j ACCEPT
"if the source of the packet is coming from any ip (0/0) and its destination is port 80 my own ip (192.168.0.1) ..accept it."

I fiddled with getting ipchains to do what redir does a few months ago..and did not get anywhere. ipchains can be used to redirect (-j REDIRECT) one port to another (ex. 192.168.0.1:80 -> 192.168.0.1:21), on the same IP address..but not to another IP address..


Chrissy




< Previous Next >
References