[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]


On 6 Apr 2001, at 18:15, Robert Davies wrote:

> > I'm wanting to setup port forwarding of some sort on my Debian firewall
> box.
> > Looking at the IP_masquerade HOWTO it talks about IPPORTFW and MFW.  Which
> of
> > these is better (?) to use? The HOWTO has a bit of info on IPPORTFW but
> none on
> > MFW - is there any examples/howto's of MFW around?
> As I didn't see any reply to this, here goes...
> I've used the MFW rules to pass through HTTP, POP and IMAP through a
> firewall.  I used it simply because it was 'recommended to use the new MFW
> feature' in the ipchains and ipmasqadm documentation I read.  I would have
> liked to have had some reasons given, but never saw any, one could speculate
> on it being more efficient or secure, but I have no idea.
> The MFW works on the initial connection, and marks the stream labelled with
> an arbitary integer, I used the underlying well known port number to avoid
> confusion.  Then you set up the masquerading rules for that port.
> Once I'd found the right documentaion and the ipmasqadm HOWTO and examples,
> I didn't have any problem with it all.  As such I've forgotten the exact
> details, but if you need it, ask me for a section of the shell script I
> posted early this year, and I'll dig it out for you.

Thanks Rod for the info. I re-compiled my kernel with mfw support and all seems 
to be working well using mfw - dont know why I couldnt get portfw working but 
that is not an issue now!


Lex McPhail
Systems Analyst/Programmer
Systems Software & Instrumentation Ltd
New Zealand
email: lex@ssiltd.co.nz

Reply to: