IP masquerading rules
Hello. I hope someone can give me some advice on how to accomplish
something using the ipmasq package.
I'm not sure I'm following how to use the rules system for this. I want
to open ports 80 and 5432 for my website and its connection to
postgres. The server will be running behind my firewall. I think that
I need to somehow incorporate the following lines into the rules:
ipmasqadm portfw -a -P tcp -L <my_ext_ip> 80 -R <my_int_ClassC_host_ip> 80
ipmasqadm portfw -a -P tcp -L <my_ext_ip> 5432 -R <my_int_ClassC_host_ip> 5432
Should I just create a Z98apachePG.rul file like below (I'm on 2.2.17
kernel so only ipchains apply)? Does anyone have a better suggestion?
Thanks very much for any input.
Steve
#######
# Sample rule file
#######
#######
# open Apache and Postgres to the internet through the firewall
case $MASQMETHOD in
    ipfwadm)
        $IPFWADM -I -a accept -S 0/0 68 -D 0/0 67 -W eth1 -P tcp
        $IPFWADM -O -a accept -D 0/0 68 -S 0/0 67 -W eth1 -P tcp
        ;;
    ipchains)
        $IPCHAINS -A input -j ACCEPT -s 0/0 68 -d 0/0 67 -i eth1 -p tcp
        $IPCHAINS -A output -j ACCEPT -d 0/0 68 -s 0/0 67 -i eth1 -p tcp
        ipmasqadm portfw -a -P tcp -L <my_ext_ip> 80 -R <my_int_ClassC_host_ip> 80
        ipmasqadm portfw -a -P tcp -L <my_ext_ip> 5432 -R <my_int_ClassC_host_ip> 5432
        ;;
esac