I'm trying to forward port 23 to one of my internal computers. My gateway has
a cable connection on eth1 (dynamic IP) and internal network on eth0 (static
IP). I keep getting connection refused. I can ssh directly to port 23 (I
moved the port) on 192.168.1.4 internally, but my gateway doesn't want to
forward it. I'm using the following script, which I modified from the Bastille
website (it's located at /etc/Bastille/firewall.d/pre-audit.d/portforward.sh):

IP_FORWARDS="eth1-0.0.0.0-23-tcp-192.168.1.4-23
eth1-0.0.0.0-23-udp-192.168.1.4-23
eth0-0.0.0.0-23-tcp-192.168.1.4-23
eth0-0.0.0.0-23-udp-192.168.1.4-23"
#
#
for fw_rule in ${IP_FORWARDS} ; do
  # ugly awk hack
  fw_iface=`echo "$fw_rule" | awk -F\- '{print $1}'`
  fw_inaddr=`echo "$fw_rule" | awk -F\- '{print $2}'`
  fw_inport=`echo "$fw_rule" | awk -F\- '{print $3}'`
  fw_inproto=`echo "$fw_rule" | awk -F\- '{print $4}'`
  fw_outaddr=`echo "$fw_rule" | awk -F\- '{print $5}'`
  fw_outport=`echo "$fw_rule" | awk -F\- '{print $6}'`
  if [ -n "${fw_iface}" ]; then
    # we have an interface specified
    ${IPTABLES} -A PREROUTING -t nat -i $fw_iface -d $fw_inaddr \
      -p tcp --destination-port $fw_inport -j DNAT --to \
      $fw_outaddr:$fw_outport
    ${IPTABLES} -A PREROUTING -t nat -i $fw_iface -d $fw_inaddr \
      -p udp --destination-port $fw_inport -j DNAT --to \
      $fw_outaddr:$fw_outport
  else
    # apply forward to all interfaces
    ${IPTABLES} -A PREROUTING -t nat -d $fw_inaddr \
      -p tcp --destination-port $fw_inport -j DNAT --to \
      $fw_outaddr:$fw_outport
    ${IPTABLES} -A PREROUTING -t nat -d $fw_inaddr \
      -p udp --destination-port $fw_inport -j DNAT --to \
      $fw_outaddr:$fw_outport
  fi
done

Thanks
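
Added example, not part of the original post and not Bastille's own code: a dry-run expander for the iface-inaddr-inport-proto-outaddr-outport spec format used above, which validates each field and prints the single DNAT rule for the protocol named in the spec (the posted loop emits a tcp and a udp rule for every entry). The helper names is_port, is_ipv4 and expand_forward are hypothetical, and the third demo spec is constructed to show a rejection.

```shell
# Added example (not Bastille code): print, but do not run, the DNAT rule
# for one forward spec: iface-inaddr-inport-proto-outaddr-outport

is_port() {
    case $1 in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

is_ipv4() {
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

expand_forward() {
    spec=$1
    # Allow only these characters so no field can glob or add extra words
    # when it is later placed on a command line run as root.
    case $spec in ''|*[!A-Za-z0-9.-]*) echo "rejected: $spec" >&2; return 1 ;; esac
    old_ifs=$IFS; IFS=-; set -- $spec; IFS=$old_ifs
    [ "$#" -eq 6 ] || { echo "need 6 fields: $spec" >&2; return 1; }
    iface=$1 inaddr=$2 inport=$3 proto=$4 outaddr=$5 outport=$6
    case $proto in tcp|udp) ;; *) echo "bad proto: $spec" >&2; return 1 ;; esac
    is_port "$inport" && is_port "$outport" || { echo "bad port: $spec" >&2; return 1; }
    is_ipv4 "$inaddr" && is_ipv4 "$outaddr" || { echo "bad address: $spec" >&2; return 1; }
    # An empty interface field means "all interfaces", as in the posted loop.
    if [ -n "$iface" ]; then in_if=" -i $iface"; else in_if=""; fi
    echo "iptables -t nat -A PREROUTING$in_if -d $inaddr -p $proto" \
         "--dport $inport -j DNAT --to-destination $outaddr:$outport"
}

# Demo: two specs from the post plus one constructed bad entry.
for s in eth1-0.0.0.0-23-tcp-192.168.1.4-23 \
         eth1-0.0.0.0-23-udp-192.168.1.4-23 \
         eth1-0.0.0.0-99999-tcp-192.168.1.4-23; do
    expand_forward "$s" || true
done
```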