similar to: ipmasqadm port forwarding ipportfw (HOWTO)

Just responding in case this may be of help to somebody with firewalling issues. Not sure if this is off on a tangent to the original question... Here are three different forms of common firewall scripts and ways of getting SIP to work behind them. The third one has some additional stuff beyond just SIP although I can't remember why I wrote it that way. I've been having no fun using

Hi, I''m running a Debian 2.2r2 on a university server with 3 public ip on one ethernet card (but soon we will have three cards). There''s a tunnel (implemented with vtund on a tun interface with local address 192.168.1.10 and remote 192.168.1.20) from this server to another server without public ip and behind a router. I wanted to make the second server visible to the world, so

Excuse me form reposting the quesiton, but I didn''t find any solution. Any suggestion is welcome Hi, I''m running a Debian 2.2r2 on a university server with 3 public ip o(1.1.1.1 2.2.2.2 and 3.3.3.3 on one ethernet card (but soon we will have three cards). There''s a tunnel (implemented with vtund on a tun interface with local address 192.168.1.10 and remote

Greetings from a newbie! (Well, to this list anyway) I''m having a problem and I hope someone here might be able to help... I am strongly expecting an answer along the lines of "upgrade to v2.4.x", but I would REALLY preffer to avoid that for now... The setup: "Home brewed" v2.2.24 (will patch to v2.2.25 later today) with the DS8 patch applied. Currently

Howdy, I tried tackling this on irc with Ivo, but I suspect that irc may really not be the best medium for technical discussions, so I'll reprise it here. I am trying to duplicate the "tinc from behind a masquerading firewall" example from the tinc web site: (home) <--> (masquerading firewall) <--> (office) 192.168.1.21 192.168.1.1/1.2.3.4

Hi All I have had a look through the documentation but I can''t see how to do this. I want to setup DNAT for an incoming connection. The connection must be forwarded to a server on a masqueraded server behind the firewall. The tricky part is I need to forward to a different port to the one that the request arrived on. I can do this: firewall.public.ip:5800 ->

I've noticed that my W2K clients connect to Samba much more quickly if I run it on port 445 instead of 139. However, my WNT clients then won't connect at all. I read somewhere that it was possible to forward the requests on port 139 to port 445. Anyone know how to do this or how to listen to both ports simultaneously? Thanks, Jason Joines Open Source = Open Mind

I have the following forced up mew by evil telco problem: - One IP - Homebrew LAN - portforwarding for some services. - extra PPTP/ppp layer to an internal 10.* network which mutilates DNS answers. Setup: Machine A has ip a.b.c.d (real IP) and is reachable over ADSL with it from the world. It does NAT for an internal LAN 192.168.0.0/24) and has portforwading turned on for some ports (eg 80)

Hello, I'm trying to set up port forwarding in IPTABLES and so far it's working great from the internet, but when I attempt from my internal LAN using the External IP address, it fails. EXTIF="eth0" INTIF="eth1" EXTIP="xxx.xxx.xxx.xxx" INTNET="192.168.1.0/24" INTIP="192.168.1.1" PORTFWIP="192.168.1.13" >From the internet,

Hi Are there any known security holes or necessary precautions in using port forwarding with ipportfw? I'm planning on forwarding ports from an outer firewall/router (connected to the Internet) to a host in the DMZ, then on from the DMZ host to the inner firewall, and finally from the inner firewall to some host on the inside. Thanks, Jens jph@strengur.is From mail@mail.redhat.com Wed

Hello David, After some experiments and discussions I came to the following result concerning private NT-Box connecting to a LAN via ipchains and using all NETBIOS services (incl. domain-logon): Cross-subnet browsing with NETBIOS could only be done by a local master browser in the private net. I first thought of using Samba on the Linux router for that. But the Samba service would have to use

Hi, There appears to be a bug in 2.5.1p2 that is not present on 2.3.0p1. The environment in question is Solaris, on either Intel or Sparc. The arrangement is as follows: System bar forwards a port from itself to system baz by doing su portfw -c 'ssh -2 -P -N -f -g -L 3333:baz:22 baz' System foo, which can talk to bar but not baz, initiates an ssh connection to bar port 3333, and is

hi i recently searched in the mailinglist archive and found similar problems, whose solutions helped very much, thank you. i have the following scenario: a firewall with one lan interface eth0 10.1.1.1/24 and two uplink interfaces eth1 10.2.2.1/24 eth2 10.3.3.1/24 each uplink interface does SNAT: iptables -t nat -I POSTROUTING -o eth1 -j SNAT --to-source 10.2.2.1 iptables -t nat -I POSTROUTING

Hi there. I have followed some documents found here and there, but do not have already success implementing a script using iptables and iproute. What I need is to send all traffic trough an ADSL line, but mail trough an expensive and slow DS0. The mail server lies on the PC acting also as firewall. I include the script. When using that I get some error messages (I found that the flush command

I''m trying to manage network files on two nodes, "vico" and "backup." The component "vico_network" below works fine. define vico_network ($owner = ''root'', $group = ''wheel'', $mode = ''644'', $cro_int = ''ne3'', $carp0_skew = '''', $carp1_skew =

On Friday 24 June 2005 20:57, Derek Vincent wrote: >>Hello all, >> >>I have shorewall setup with 3 SNAT entries for external IP address''s to >>a single IP internal address. I am wondering how to limit access based >>on the source IP address. >>ex. >> EXT IP 1 access only to port 25 >> EXT IP 2 access only to port 443 >> EXT IP 3

Hi All, I have an asterisk box on my DMZ, and I'm using a PF for my firewall, I can make a call but some reasons I have a dead air. Any Ideas? below are my rules... ext_if = "bce0" int_if = "bce1" altitude = "172.16.1.0/24" #### machines #### vbox = "172.16.1.1" uci = "172.16.1.4" voices = "203.172.x.1" ipc =

Hello all, I have shorewall setup with 3 SNAT entries for external IP address''s to a single IP internal address. I am wondering how to limit access based on the source IP address. ex. EXT IP 1 access only to port 25 EXT IP 2 access only to port 443 EXT IP 3 access only to port 80 I have the SNAT setup correctly and I have 3 accept line in the rules file (25,80,443) but I can hit

I am running 2.4.20 with Julian Anastasov''s patches (routes-2.4.20-9.diff), iptables v1.2.6a, iproute2-ss010824 on Debian. I have set up our internal gateway to multihome 2 T1''s as described in http://www.linuxvirtualserver.org/~julian/nano.txt . The only difference is that I use multiple IP''s on the external interfaces. EXA A.B.C.225 --------------------

Anyone have an example XML file for the PAP2T? Cheers, j