Re: Port forwarding
On Thu, Jan 27, 2000 at 02:06:01PM +0100, Fitsch wrote:
> > Perhaps you try something wrong, or I don't understand your setup. In
> > common Port Forwarding is used to redirect traffic from the outside to
> > an internal host behind your firewall. (e.g. webserver) this internal
> > host may have an adress from the private space.
Yes, that's exactly what I want to do. I tried this with masq. on and out
but the problems are the same.
> > When you specify the IP-Adresses, Source and Destination must be
> > adresses on different machines, not of different nic's in one machine.
Right. I used as IP addresses the outside address of my firewall and the
address of my server in my internal net.
> > If you have a strict policy on your firewall you have to allow this
> > traffic, better you create an seperate chain for portforwarded traffic
> > from the outside to the inside.
I even tried with all traffic allowed through.
> > For traffic from the inside to the outside you don't need Port
> > Forwarding, as this is handled by Masquerading or normal routing.
Yes, but I also get backward traffic after connecting from the outside. For
instance inetd tried to connect to teh auth service to check who is trying
to connect. The problem I had with outbound traffic though was with the
packets send back in the connection established from the outside.
Michael
--
Michael Meskes | Go SF 49ers!
Th.-Heuss-Str. 61, D-41812 Erkelenz | Go Rhein Fire!
Tel.: (+49) 2431/72651 | Use Debian GNU/Linux!
Email: Michael@Fam-Meskes.De | Use PostgreSQL!
Reply to: