Port forwarding
Could anyone send me a working example of port forwarding? I just tried to
get it going to no avail.
I test setup has a firewall connecting 172.26.14.0/24 and 172.26.2.0/24
doing nothing but routing. Now i want it to redirect some ports (I tried
23,25,80) from its own 172.26.2.1 address to 172.26.14.7. I tried
accomplishing that by adding
ipmasqadm portfw -a -P tcp -L 172.26.2.1 80 -R 172.26.14.7 80
With this setup I get a log entry that someone tried to initiate a session
on 172.26.14.7 but that session never is fully established since no data
arrive on the outside. Also there is no error log on any of the machines.
Then I told my firewall to masquerade the internal network. With that I got
www going. However, with a respective rule added, smtp and telnet did not
work either. They do get a 'connection denied' icmp package back. But my
inside test machine does accept both protocols as I can see when directly
addressing it.
I also tried to the ip command to redirect anotehr address (in my case
172.26.2.2) completely to my internal machine. Using this setup I have the
same problem. I get the log that unknown@external-machine tries to
establish a connection and nothing more. Strangely enough about every 2nd
or 3rd try this log shows the correct user instead of unknown.
Finally I tried marking packages to port 80 and add a special ip rule for these
packages but the result was the same.
I think I missed something essential but right now I have no idea what that
could be. And yes CONFIG_IP_MASQUERADE_IPPORTFW is defined in the kernel.
Thanks in advance for any help.
Michael
P.S.: PLease CC me on replies.
--
Michael Meskes | Go SF 49ers!
Th.-Heuss-Str. 61, D-41812 Erkelenz | Go Rhein Fire!
Tel.: (+49) 2431/72651 | Use Debian GNU/Linux!
Email: Michael@Fam-Meskes.De | Use PostgreSQL!
Reply to: