On Mon, 3 Jan 2000, Philippe Moutarlier wrote:
>
>
> [EMAIL PROTECTED] writes:
>
> > On Mon, 3 Jan 2000, Philippe Moutarlier wrote:
...
> NOT ipfwadm but ipmasqadm
Tried that too. Sambe basic line. I'm getting:
portfw: setsockopt failed: Invalid argument
I've compiled the kernel with CONFIG_IP_TRANSPARENT_PROXY=y. I've also
compiled support for masqerading - which is already working. I'm
beginning to suspect I did something wrong in the compile.
> I am running 2.2.13 : works great with it.
> Don't look too much for docs in the package : there isn't that much and that is why
>I appended the command line below.
> This adds a port forwarding:
> /usr/sbin/ipmasqadm portfw -a -P tcp -L 24.92.01.01 80 -R 192.168.0.1 80
> This will remove it :
>
> /usr/sbin/ipmasqadm portfw -d -P tcp -L 24.92.01.01 80 -R 192.168.0.1 80
>
> > Docs imply that it's
> > the corrrect tool, but it generates nothing but complaints here. Support
> > for it seems to have gone away with kernel 2.1. I find no docs that
> > apply to the 2.2 kernel and the ipfwadm file that comes with the 2.2
> > kernel rpms is in fact a wrapper for ipchains.
> >
> > I got the brilliant idea this morning to studdy that file - it may give
> > some clues, but I'm still digging.
> >
> > Thanks for the response.
> >
> > >
> > > for forwarding specific port access you might be better off using ipmasqadm
>package.
> > >
> > > I cannot tell you exactly where to look for it but here would be the trick
> > >
> > >
> > >
> > >
> > > assuming you external connection on 24.92.01.01 (fake, of course) and your
> > > internal webserver on priovate ip 192.168.0.1 with web connection on port 80
> > >
> > > Philippe
> > >
> > >
> > >
> > > [EMAIL PROTECTED] writes:
> > >
> > > > I'm building a box to act as a firewall. I intend to set up a webserver
> > > > on a second box behind that firewall, so I need to forward packets from
> > > > the exterior connection to the inside.
> > > >
> > > > Docs say you can do this with ipchains. I've done this using and earlier
> > > > kernel and snat, but I can't find any docs that cover it for ipchains...
> > > > frustrating. The ipchains howto doesn't give it. I've got the kernel
> > > > configured, but all the docs talk about masquerading and fall short of a
> > > > simple explanation of how to translate the packets on the exterior
> > > > interface to the ip address/port on the inside interface.
> > > >
> > > > Evidently, the actual setting up of packet forwarding must require another
> > > > tool.
> > > >
> > > > Anyone know where this is documented? What tool is needed?
> > > >
> > > > Maybe a simple example? I'm getting tired of trying to do this by
> > > > experiment.
> > > >
> > > > Any help would be appreciated.
> > > >
> > > > Thanks.
> > > >
> > > >
> > > >
> > > >
> > > > --
> > > > To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> > > > as the Subject.
> > >
> > >
> > > --
> > > To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> > > as the Subject.
> > >
> >
> >
> > --
> > To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> > as the Subject.
>
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
>
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
