Iptables help?

Warren Raquel warquel at hotmail.com
Thu Dec 6 12:39:50 PST 2001


I haven't tried switching to iptables yet but here's what I did with 
ipmasqadm when I was using ipchains.

[root@computer root]# echo 1 > /proc/sys/net/ipv4/ip_forward
Since you're running FTP behind the firewall you'll want to load the proper 
modules:
[root@computer root]# /sbin/modprobe ip_masq_ftp (or ip_masq_autofw)
(I can't remember if you have to load ip_masq_portfw too. Try it.)
Then run the ipmasqadm command for ports 20 and 21:
[root@computer root]# /usr/sbin/ipmasqadm portfw -a -P tcp -L \
[external.firewall.address] 20 -R [internal.ftp.server.address] 20
[root@computer root]# /usr/sbin/ipmasqadm portfw -a -P tcp -L \
[external.firewall.address] 21 -R [internal.ftp.server.address] 21

I haven't done the research to see if IPTABLES has this built in. From what 
I remember I think it does but I could be wrong. Hope it works out. I 
haven't set it up in a while and don't have the means to test it out so 
hopefully this gives you a point to start from.


Warren Raquel MCP CCNA

- Just another geek.



>From: "Jake" <Jake at callatg.com>
>Reply-To: <talk at nblug.org>
>To: "00 nblugTalk" <talk at nblug.org>
>Subject: Iptables help?
>Date: Thu, 6 Dec 2001 12:15:57 -0800
>
>I have my linux box set up with iptables for NAT but for the life of me I
>cannot figure out how to do port forwarding.
>Perhaps it's simple and I overlooked it, but all I want is to have ports
>forward to the internal ips of the boxes for a given port.
>
>So if you want to ftp into my linux box it really forwards the request to my
>ftp server behind the linux box on the private network.
>
>Anyone have any pointers?
>
>-
>Jake
>
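
Added example, not part of the original messages: the iptables counterpart of the port forward discussed in this thread, written as a script that validates its inputs and prints the rules for review rather than applying them. The interface name and addresses are constructed sample values; the module names are the 2.4-kernel ones (later kernels call them nf_conntrack_ftp and nf_nat_ftp).

```shell
#!/bin/sh
# Added example: print (do not apply) iptables rules that forward FTP
# from the firewall's external address to an internal server.
# Interface and addresses used at the bottom are constructed sample values.

valid_ipv4() {
    # Dotted quad with every octet in 0-255.
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

ftp_forward_rules() {
    ext_if=$1 ext_ip=$2 int_ip=$3
    # Reject input that could smuggle shell syntax into the generated rules.
    case $ext_if in
        ''|*[!A-Za-z0-9._-]*) echo "bad interface" >&2; return 1 ;;
    esac
    if ! valid_ipv4 "$ext_ip" || ! valid_ipv4 "$int_ip"; then
        echo "bad address" >&2; return 1
    fi
    # The FTP helpers track the control channel, so data connections
    # (active or passive) match RELATED and only port 21 needs a DNAT rule.
    cat <<EOF
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i $ext_if -d $ext_ip -p tcp --dport 21 -j DNAT --to-destination $int_ip:21
iptables -A FORWARD -i $ext_if -d $int_ip -p tcp --dport 21 -m state --state NEW -j ACCEPT
iptables -A FORWARD -i $ext_if -d $int_ip -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -s $int_ip -o $ext_if -m state --state ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Constructed sample: external interface eth0, documentation-range addresses.
ftp_forward_rules eth0 203.0.113.10 192.168.1.20
```

The FORWARD rules accept only new connections to port 21 plus traffic conntrack already associates with them, so the internal server is not exposed on any other port.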

