Displaying 12 results from an estimated 12 matches for "portfw".
Did you mean:
portf
2004 Sep 12
0
RE: No subject by Steve M
...PChains firewall:
file: /etc/rc.d/init.d/firewall
This actually opens up a few more holes for some outbound streams.
Can't remember exactly why I did it this way but it works good.
# VIOP - asterisk
# vars
$EXT_IP=your.external.ip.here
$ASTERISK_IP=your.asterisk.server.ip
#
#chains
ipmasqadm portfw -a -P udp -L $EXT_IP 5060 -R $ASTERISK_IP 5060
ipchains -A portfw -s 0/0 1024: -d $EXT_IP 5060 -p 17 -j ACCEPT
ipmasqadm portfw -a -P udp -L $EXT_IP 4569 -R $ASTERISK_IP 4569
ipchains -A portfw -s 0/0 1024: -d $EXT_IP 4569 -p 17 -j ACCEPT
ipmasqadm portfw -a -P udp -L $EXT_IP 5036 -R $ASTERISK_IP 5...
2000 May 15
1
ipmasqadm port forwarding ipportfw (HOWTO)
...h conflicting info on the net, I thought I'd
share a simple guide to set up the port forwarding side of masquerading...
this presumes you already have basic ipchains setup and simple masquerading
of internal machines installed.
PORT FORWARDING USING IPMASQADM.
Ipmasqadm supercedes the ipportfw feature.
1 - Upgrade to Kernel 2.2.12-20 if not already up to this.
2 - cd /usr/src/linux and run make menuconfig
3 - in here make sure kernel is configured to route ip, is tuned as a router
( as opposed to host ), and that ipportfw is set up as a module.
4 - download the ipmasqadm tool from...
2001 Feb 27
5
NAT+portfw failure
I have the following forced up mew by evil telco problem:
- One IP
- Homebrew LAN
- portforwarding for some services.
- extra PPTP/ppp layer to an internal 10.* network which mutilates DNS
answers.
Setup:
Machine A has ip a.b.c.d (real IP) and is reachable over ADSL with it from
the world. It does NAT for an internal LAN 192.168.0.0/24) and has portforwading
turned on for some ports (eg 80)
2002 Mar 03
1
tinc vs. ipchains masquerading
...rom unknown source 1.2.3.4:63791
Which is, of course, true. One end of the vpn is behind a masquerading
firewall, so outbound packets from my house get rewritten at the firewall.
I haven't yet figured out a way around this problem.
The example (and Ivo) suggests the use of the ipmasqadm 'portfw' module,
but this would appear to only help for inbound connections -- e.g.,
forwarding connections to 1.2.3.4:655 to 192.168.1.21:655. In fact, if I
were to initiate the connection from (home), this would appear to be
completely unnecessary, but for the sake of matching the online example
I...
2001 Feb 28
0
ipmasqadm and default route on masqueraded host
...remote 192.168.1.20) from this server to another
server without public ip and behind a router.
I wanted to make the second server visible to the world, so I reserver one of
the three ip public address (say 111.111.111.111, 111.111.111.112 and
111.111.111.113) for the job and I made an ipmasqadm portfw rule to redirect
incoming packets on 111.111.111.111 port 80 to the remote address of the
tunnel interface (192.168.1.20)
Things are running. Packets are redirected from the public address to the
private one and then , via tun interface, reach the "private server".
BUT packets are arri...
2001 Mar 05
2
[REPOST] Help me: ipmasqadm and default gatway...
...a tun interface with local
address 192.168.1.10 and remote 192.168.1.20) from this server to another
server without public ip and behind a router.
I wanted to make the second server visible to the world, so I reserved one of
the public addresses (say 2.2.2.2) for the job and I made an ipmasqadm portfw
rule to redirect incoming packets on 1.1.1.1 port 80 to the remote address of
the tunnel interface (192.168.1.20) on the same port.
Things are running. Packets are redirected from the public address to the
private one and then, via tun interface, reach the "private server".
*BUT* packe...
2003 Mar 20
9
Routing/forwarding/shaping problems in v2.2.x (Long - sorry)
...erface, and then use the dummy interface as the default gateway?
Effectively this would do the same thing as setting up two routers
bacl-to-back, and using only egress shaping on both routers to achieve
ingress shaping? Kind of like having a logical, rather than a physical
router?
2) ipmasqadm portfw unstable/unreliable
I have tried to use this approach to forward ports from the firewall to an
internal server. It works OK initially, but within minutes, things start
going wrong. Some connections get through on one interface but not the other.
Later, connections from the same host will work o...
2004 Aug 21
0
Port forwarding from Internal LAN
...rwarding in IPTABLES and so far it's working great from the internet, but when I attempt from my internal LAN using the External IP address, it fails.
EXTIF="eth0"
INTIF="eth1"
EXTIP="xxx.xxx.xxx.xxx"
INTNET="192.168.1.0/24"
INTIP="192.168.1.1"
PORTFWIP="192.168.1.13"
>From the internet, if I type in http://xxx.xxx.xxx.xxx:81 it works.
When use a computer on my LAN and type in http://192.168.1.13:81 it works.
However, when i type in from a computer on my LAN: http://xxx.xxx.xxx.xxx:81 it does not.
Any ideas? Thanks in advance....
2004 Aug 03
2
Question with DNAT
...ST PROTO DEST SOURCE ORIGINAL
# PORT PORT(S) DEST
DNAT net loc:192.168.40.9 tcp 5800
But how do I forward this?
ie: firewall.public.ip:100 -> masqueraded.server.ip:101
I have previously set this up under "ipchains" kernels using
ipmasqadm via the following command.
ipmasqadm portfw -a -P tcp -L $IPLOCAL 5801 -R 192.168.1.51 5800
I know it must be in the documentation somewhere, I just can''t find
it ...
Thanks
Ian
2001 Mar 09
0
Port forwarding problem with 2.5.1p2
Hi,
There appears to be a bug in 2.5.1p2 that is not present on 2.3.0p1.
The environment in question is Solaris, on either Intel or Sparc. The
arrangement is as follows:
System bar forwards a port from itself to system baz by doing
su portfw -c 'ssh -2 -P -N -f -g -L 3333:baz:22 baz'
System foo, which can talk to bar but not baz, initiates an ssh
connection to bar port 3333, and is able to log in through that to
baz, which runs an sshd on port 22.
The problem is that this only works once. After disconnecting from
baz, a subs...
2006 Jan 30
0
loadbalancing multipath routing frequently freezes udp connections
...ble 201
ip route add 10.3.3.0/24 dev eth2 proto static table 201
ip route add default via 10.3.3.100 proto static table 201
ip route add default scope global nexthop via 10.2.2.100 dev eth1
nexthop via 10.3.3.100 dev eth2
# contains MARK rules for connection initiations coming from the outside
#(portfw)
iptables -t mangle -N INCOMINGMARK
# contains MARK rules for connection initiations coming from the inside
# routed by multi path routes
iptables -t mangle -N OUTGOINGMARK
# contains MARK rules for connection initiations coming from the inside
# forced by user configuration to leave through a sp...
2006 Mar 14
1
iptables+iproute problem
...le comments
# 0.79s - ruleset now uses modprobe instead of insmod
# 0.78s - REJECT is not a legal policy yet; back to DROP
# 0.77s - Changed the default block behavior to REJECT not DROP
# 0.76s - Added a comment about the OPTIONAL WWW ruleset and a comment
# where to put optional PORTFW commands
# 0.75s - Added clarification that PPPoE users need to use
# "ppp0" instead of "eth0" for their external interface
# 0.74s - Changed the EXTIP command to work on NON-English distros
# 0.73s - Added comments in the output section that DHCPd is optional
#...