Togan Muftuoglu wrote:
Hi
What are the main differences between portfw and mfw in ipmasqadm. For example Marc prefers mfw in the SuSEfirewall script but on the other hand I have seen scripts were portfw is used only. The only thing I saw was im portfw you need the specify the protoc also tcp / udp.
Sorry until my book arrives there will be more questions coming. Ah yes when it arrives expect more to come :-)
Have a nice Sunday
-- Togan Muftuoglu
I find the packet marking stuff very useful for simplifying things. e.g. if we want 3 clients to see different webservers, then all we have to do is use the one address for any client and add the following rules; ipchains -I $INPUTCHAIN -p tcp -y -s $CLIENTA --dport 80 -m 1 ipchains -I $INPUTCHAIN -p tcp -y -s $CLIENTB --dport 80 -m 2 ipchains -I $INPUTCHAIN -p tcp -y -s $CLIENTC --dport 80 -m 3 ipmasqadm mfw -I -m 1 -r $WEBSERVER1 80 ipmasqadm mfw -I -m 2 -r $WEBSERVER2 80 ipmasqadm mfw -I -m 3 -r $WEBSERVER2 8080 This doesn't provide much security in itself though... ...you still really need password protection etc. It just makes it easier for the clients to find what they're looking for quickly. William