Port forwarding - Aaarghh!!
My ipchains rules are now almost empty, there is _NO_ DENY or REJECT in the
chains.
Port forwarding from local host to remote still does not work! (of course
everything is OK if you connect by port 8888 from a host diffirent than the firewall)
So my question is:
has anyone succeeded in such setup before? Or is it just impossible under
Linux?
--
---------------------------------------------------
Marcin Owsiany
porridge@lo4.ids.bielsko.pl
---------------------------------------------------
Script started on Wed Jun 30 18:53:38 1999
[root@pandora /root]# ipchains -L -n
Chain input (policy ACCEPT):
target prot opt source destination ports
ACCEPT all ------ 192.168.2.0/24 0.0.0.0/0 n/a
ACCEPT all ------ 0.0.0.0/0 1.2.3.4 n/a
ACCEPT all ------ 0.0.0.0/0 0.0.0.0/0 n/a
Chain forward (policy ACCEPT):
target prot opt source destination ports
MASQ all ------ 192.168.2.0/24 0.0.0.0/0 n/a
Chain output (policy ACCEPT):
target prot opt source destination ports
ACCEPT all ------ 0.0.0.0/0 192.168.2.0/24 n/a
ACCEPT all ------ 1.2.3.4 0.0.0.0/0 n/a
ACCEPT all ------ 0.0.0.0/0 0.0.0.0/0 n/a
[root@pandora /root]# ipmasqadm portfw -l -n
prot localaddr rediraddr lport rport pcnt pref
TCP 127.0.0.1 192.168.2.3 8888 80 10 10
TCP 192.168.2.1 192.168.2.3 8080 80 10 10
TCP 1.2.3.4 192.168.2.3 8888 80 10 10
[root@pandora /root]# telnet 192.168.2.1 8888
Trying 192.168.2.1...
telnet: Unable to connect to remote host: Connection refused
[root@pandora /root]# telnet 1.2.3.4 8888
Trying 1.2.3.4...
telnet: Unable to connect to remote host: Connection refused
[root@pandora /root]# telnet localhost 8888
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
[root@pandora /root]# telnet 192.168.2.3 80
Trying 192.168.2.3...
Connected to 192.168.2.3.
Escape character is '^]'.
get
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>501 Method Not Implemented</TITLE>
</HEAD><BODY>
<H1>Method Not Implemented</H1>
get to /index.html not supported.<P>
</BODY></HTML>
Connection closed by foreign host.
[root@pandora /root]# exit
Script done on Wed Jun 30 18:57:02 1999
Reply to: