ipportfw

To: debian-firewall@lists.debian.org
Subject: ipportfw
From: Mike Schmitz <mschmitz@coinet.com>
Date: Fri, 19 Mar 1999 15:18:12 -0800
Message-id: <[🔎] 19990319151812.K11369@coinet.com>
Mail-followup-to: debian-firewall@lists.debian.org

I am trying to setup ipportfw.  I have compiled a (patched) kernel with 
support for firewall, masquerading, ipalias, ipport forwarding.  I set
up masquerading the normal way, and it works.  I gave the masquerader a
second IP with aliasing on eth0:0.  I setup /etc/init.d/ipportfw with
rules to forward ports 80,21 to the masqueraded machine.  I must be
missing something fundamental, because it doesn't work.

Here are some excerpts from the important files:

/etc/init.d/network:
ifconfig eth0:0 $IP-TO-BE-FORWARDED
route add -host $IP-TO-BE-FORWARDED 
ifconfig eth1 192.168.100.1 netmask 255.255.255.0 broadcast 192.168.100.255
route add -net 192.168.100.0 dev eth1
ipfwadm -F -p deny
ipfwadm -a m -S 192.168.100.0/24 -D 0.0.0.0/0

/etc/init.d/ipportfw:
portfwrules () {
	echo -n
	ipportfw -A -t $IP-TO-BE-FORWARDED -R 192.168.100.2/80
	ipportfw -A -t $IP-TO-BE-FORWARDED -R 192.168.100.2/21
}

TIA

-- 
  Mike Schmitz     mschmitz@bend-or.com    http://www.bend-or.com/~mschmitz
  Don't blame me - I voted libertarian!    http://www.lp.org/
  Use Debian Linux - the free Gnu/Linux    http://www.debian.org/
				  -----------        
	 "If encryption is outlawed, only outlaws will have encryption"

Reply to:

Prev by Date: Re: Accessing machines behind a firewall
Next by Date: Re: Accessing machines behind a firewall
Previous by thread: Re: Accessing machines behind a firewall
Next by thread: firewall/webserver combo
Index(es):
- Date
- Thread