Remco Barendse
2003-Jan-02 08:16 UTC
[Shorewall-users] Routing inomcing TightVNC connections?
Hi! I have this rule to allow incoming VNC connections to a host on my private LAN: DNAT net:$SITE1 loc:$JOHN tcp 5900:5910 This works perfectly the host can connect without problems. Would it be possible to link the internal host to an external ip? For example if Site1 would connect on the VNC port, all traffic gets forwarded to loc:$JOHN. But if net:$SITE2 connects (different public IP) then all traffic goes to host loc:$CHRIS ?? Would be much easier than messing around with the port numbers. Thanks for any input! Remco -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Paul Slinski
2003-Jan-02 08:21 UTC
[Shorewall-users] Routing inomcing TightVNC connections?
Yes. We use it that way here. On Thu, 2 Jan 2003 17:16:13 +0100 (CET) Remco Barendse <shorewall@barendse.to> opened up to us and said:> Hi! > > I have this rule to allow incoming VNC connections to a host on my > private LAN: > DNAT net:$SITE1 loc:$JOHN tcp 5900:5910 > > This works perfectly the host can connect without problems. > > Would it be possible to link the internal host to an external ip? > > For example if Site1 would connect on the VNC port, all traffic gets > forwarded to loc:$JOHN. But if net:$SITE2 connects (different public > IP) then all traffic goes to host loc:$CHRIS ?? > > Would be much easier than messing around with the port numbers. > > Thanks for any input! > > Remco > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@shorewall.net > http://www.shorewall.net/mailman/listinfo/shorewall-users-- Paul Slinski System Administrator Global IQX http://www.globaliqx.com/ pauls@globaliqx.com
Colin Viebrock
2003-Jan-02 09:02 UTC
[Shorewall-users] Routing inomcing TightVNC connections?
Remco Barendse wrote:> Hi! > > I have this rule to allow incoming VNC connections to a host on my > private LAN: > DNAT net:$SITE1 loc:$JOHN tcp 5900:5910 > > This works perfectly the host can connect without problems. > > Would it be possible to link the internal host to an external ip? > > For example if Site1 would connect on the VNC port, all traffic gets > forwarded to loc:$JOHN. But if net:$SITE2 connects (different public IP) > then all traffic goes to host loc:$CHRIS ??Uh, don''t you just need another rule? DNAT net:$SITE1 loc:$JOHN tcp 5900:5910 DNAT net:$SITE2 loc:$CHRIS tcp 5900:5910 - Colin