On Sun, 5 Dec 1999 23:38:48 -0800 (PST), Dave Wiard wrote:

>could somebody give me some pointers on how to use ipmasqadm? i don't

Use it e.g. to forward accesses to a port on your firewall to an internal
machine like this:

  /usr/sbin/ipmasqadm portfw -a -P tcp -L $EXT_IP ssh -R $INT_HOST ssh

The above means: redirect accesses to machine $EXT_IP/port ssh to machine
$INT_HOST, port ssh.

>seem to have a man page for it and 'usage: ipmasqadm MODULE [opts] '
>doesn't help me much. i don't have a lot of experience with loadable
>modules and such.

There IS a man page for it:

  # dpkg -S ipmasqadm
  [...]
  netbase: /usr/man/man8/ipmasqadm.8.gz
  # dpkg -l netbase
  [...]
  ii  netbase  3.12-2  Basic TCP/IP networking binaries

You can get basic help by invoking the following:

  # ipmasqadm portfw -h
  Usage: portfw -a -P PROTO -L LADDR LPORT -R RADDR RPORT [-p PREF]  add entry
         portfw -d -P PROTO -L LADDR LPORT [-R RADDR RPORT]          delete entry
         portfw -f                                                   clear table
         portfw -l                                                   list table
         portfw <args> -n                                            no names

  PROTO is the protocol, can be "tcp" or "udp"
  LADDR is the local interface receiving packets to be forwarded.
  LPORT is the port being redirected.
  RADDR is the remote address.
  RPORT is the port being redirected to.
  PREF  is the preference level (load balancing, default=10)

and

  # ipmasqadm autofw
  Usage: ipautofw <command> <options>

  Valid commands:
    -A  add new autoforward entry
    -D  delete an autoforward entry
    -F  flush the autoforward table

  Valid options:
    -r <type> <low> <high>
        forwarding on ports <low> to <high> using protocol <type>
        (tcp or udp)
    -h <host>
        IP address of host to receive forwarded packets
    -d <type> <low> <high>
        specifies a set of ports which will not use the default high
        range (60000+) masquerade port area
    -p <type> <visible> <host>:<hidden>
        set up port bouncing from visible host port to masqueraded host
        <host> on port <hidden>, protocol <type> (currently not supported)
    -c <type> <port>
        specifies a control port and protocol
    -u  Do _not_ require that a host connect within 15 seconds of
        triggering the control port
    -i  Insecure mode; any host many connect after implied by not using
        the -c option or implied by using the -h option once the control
        port has been triggered
    -v  Verbose mode

and also

  # ipmasqadm mfw
  Usage: mfw -A -m FWMARK -r RADDR RPORT [-p PREF]  add entry
         mfw -D -m FWMARK [-r RADDR RPORT]          delete entry
         mfw -E -m FWMARK [-r RADDR RPORT]          edit entry
         mfw -S -m FWMARK                           force scheduling
         mfw -F                                     clear table
         mfw -L                                     list table
         mfw <args> -n                              no names

  FWMARK is the fwmark being redirected.
  RADDR  is the remote address.
  RPORT  is the port being redirected to.
  PREF   is the preference level (load balancing, default=10)

There should also be some docs under /usr/doc/ipportfw.

HTH,
Ralf

-- 
Sign the EU petition against SPAM:          L I N U X       .~.
http://www.politik-digital.de/spam/        The  Choice      /V\
                                            of a  GNU      /( )\
                                           Generation      ^^-^^
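
Added example, not part of the original message: a dry-run shell script that builds `portfw` commands in the syntax shown in the usage text above and validates every field first, so the set of ports exposed on the firewall is explicit and reviewable. The rule table, its addresses, the `IPMASQADM` variable and the function names are assumptions made for this illustration.

```shell
# Added example, not from the original post. Dry run only: it prints
# ipmasqadm commands and never executes them.
# Uses only portfw flags shown in the usage text above: -f, -a, -P, -L, -R.
IPMASQADM=${IPMASQADM:-/usr/sbin/ipmasqadm}

# Constructed sample rules, one per line: PROTO LADDR LPORT RADDR RPORT
RULES='tcp 192.0.2.1 22 10.0.0.5 22
tcp 192.0.2.1 8080 10.0.0.6 80'

valid_port() {   # numeric only, 1-65535 (no service names, so the exposed port is explicit)
    case $1 in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {   # four dot-separated decimal octets, each 0-255
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ????*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# Print the "add entry" command for one rule, or explain on stderr and fail.
portfw_cmd() {
    case $1 in tcp|udp) ;; *) echo "bad PROTO: $1" >&2; return 1 ;; esac
    { valid_ipv4 "$2" && valid_ipv4 "$4"; } || { echo "bad address: $*" >&2; return 1; }
    { valid_port "$3" && valid_port "$5"; } || { echo "bad port: $*" >&2; return 1; }
    echo "$IPMASQADM portfw -a -P $1 -L $2 $3 -R $4 $5"
}

# Print a whole rule set: clear the table, then add each rule.
# Fails on the first invalid rule so a typo never produces a partial table.
emit_rules() {
    out="$IPMASQADM portfw -f"
    while read -r proto laddr lport raddr rport extra; do
        [ -n "$proto" ] || continue
        [ -z "$extra" ] || { echo "unexpected field: $extra" >&2; return 1; }
        line=$(portfw_cmd "$proto" "$laddr" "$lport" "$raddr" "$rport") || return 1
        out="$out
$line"
    done <<EOF
$1
EOF
    echo "$out"
}

emit_rules "$RULES"
```

Review the printed commands before running them as root; the result can then be compared against `ipmasqadm portfw -l`.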