Re: IPPORTFW vs MFW
> I'm wanting to setup port forwarding of some sort on my Debian firewall
> Looking at the IP_masquerade HOWTO it talks about IPPORTFW and MFW. Which
> these is better (?) to use? The HOWTO has a bit of info on IPPORTFW but
> MFW - is there any examples/howto's of MFW around?
As I didn't see any reply to this, here goes...
I've used the MFW rules to pass through HTTP, POP and IMAP through a
firewall. I used it simply because it was 'recommended to use the new MFW
feature' in the ipchains and ipmasqadm documentation I read. I would have
liked to have had some reasons given, but never saw any, one could speculate
on it being more efficient or secure, but I have no idea.
The MFW works on the initial connection, and marks the stream labelled with
an arbitary integer, I used the underlying well known port number to avoid
confusion. Then you set up the masquerading rules for that port.
Once I'd found the right documentaion and the ipmasqadm HOWTO and examples,
I didn't have any problem with it all. As such I've forgotten the exact
details, but if you need it, ask me for a section of the shell script I
posted early this year, and I'll dig it out for you.