I''ve been reading some messages about the redirecting with shorewall. I still cannot figure out how i should get this to work: I have a server running with shorewall and I want to redirect port 2345 to 192.168.0.9:21 so that 217.121.114.127:2345 will redirect to my FTP server at 192.168.0.9. Any idea to do this? I''m still getting errors by trying. Thanks in advance. Maarten Zagers
On Fri, 7 Nov 2003 admin@maartenz.org wrote:> I''ve been reading some messages about the redirecting with shorewall. I still cannot figure out how i should get this to work: > > I have a server running with shorewall and I want to redirect port 2345 to 192.168.0.9:21 > > so that 217.121.114.127:2345 will redirect to my FTP server at 192.168.0.9. > > Any idea to do this?Yes.> I''m still getting errors by trying.a) Notify the ftp connection tracking and nat extention modules that port 2345 is an FTP port as described at http://www.shorewall.net/FTP.html b) Add a rule (assumes that the server is in the loc zone): DNAT net loc:192.168.0.9:21 tcp 2345 - 217.121.114.127 See FAQ''s 1 and 2 for more complicated cases. Horribly complex isn''t it... -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net
Mensaje citado por Tom Eastep <teastep@shorewall.net>:> On Fri, 7 Nov 2003 admin@maartenz.org wrote: > > > I''ve been reading some messages about the redirecting with shorewall. I > still cannot figure out how i should get this to work: > > > > I have a server running with shorewall and I want to redirect port 2345 to > 192.168.0.9:21 > > > > so that 217.121.114.127:2345 will redirect to my FTP server at > 192.168.0.9. > > > > Any idea to do this? > > Yes. > > > I''m still getting errors by trying. > > a) Notify the ftp connection tracking and nat extention modules that port > 2345 is an FTP port as described at http://www.shorewall.net/FTP.html > > b) Add a rule (assumes that the server is in the loc zone): > > DNAT net loc:192.168.0.9:21 tcp 2345 - 217.121.114.127 >in the case of http DNAT net local:102.168.0.9:80 tcp 8000 - 217.121.114.127 ???? RCC> See FAQ''s 1 and 2 for more complicated cases. > > Horribly complex isn''t it... > > -Tom > -- > Tom Eastep \ Nothing is foolproof to a sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ teastep@shorewall.net > > _______________________________________________ > Shorewall-users mailing list > Post: Shorewall-users@lists.shorewall.net > Subscribe/Unsubscribe: > https://lists.shorewall.net/mailman/listinfo/shorewall-users > Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm >