At 10:42 PM 9/29/98 -0400, Kent Quirk wrote:
>Background: our server was set up by someone who no longer works here.
>We've been using ip masquerading to provide access from several machines
>to the net with no trouble. I know enough about Linux to be dangerous,
>but I'm most definitely not a guru.
>
>We've just installed a new server behind our Linux firewall. It's
>running one special protocol that uses one port. I'd like to make it
>available so that someone from outside can get to that machine.
>
>I'd like to have all the packets sent to our IP address that use a
>specific port, say 2222, get forwarded to 192.168.1.99, still using the
>same port.
>
>I've been through the man pages for ipfwadm and ipfw, and a good chunk
>of the archives for this list. One of those messages suggested ipautofw,
>but we don't have the man page and the -? help isn't enough to clue me
>in. I can't find any trace of ipportfw on our system.
>
>Can someone please tell me what I need to tell either ipfwadm or
>ipautofw to make this happen?
>
>Thanks a lot.
>
> Kent
OK, you actually have a couple of choice here:
1) ipautofw - From the docs, this seems to add a range of ports to the
masqerading list in the kernel whenever a packet is received on a specific
port. This is a kernel patch. Some people on the list have complained of
trouble with it, others have no problems.
2) ipportfw - Again, haven't used it. As I understand it, this package does
things a little differently than ipautofw, in that it sets up a permanent
forward for the ports in question, not just adding them in response to a
packet send, and is considered by some to be a bit more stable.
3) redir - This is what I use. It only works for TCP connections (I think),
but if what you need is to redirect one TCP port to another machine, it's
just the ticket. Basically, it's a small program, which can run as any
user, that sets up to listen on a specific port. When a packet comes in, it
forwards it to where it's command line options tell it to (usually another
machine). Works great with the VNC stuff from ORL - your milage may vary.
Downside is that one copy of redir redirects one port. If you want multi
port redirection, you seem to need to run multi copies of redir. Since I
only want one port redirected, it's fine with me. This has the distinct
advantage of being very simple to understand, and to NOT require kernel
patches.
http://www.indyramp.com/mirrors/ipmasq is the resource page, where you can
find ipautofw and redir. They also seem to have a UDP redirector, and a
link to a 'port forwarding' page, which may be what people call 'ipportfw'.
Good luck!
Michael Kohne
[EMAIL PROTECTED]
"Evolution is God's version of domino rally"
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]
