Re: IP Protocol 57

To: Chad Thompson <chad@macristy.com>
Cc: <debian-firewall@lists.debian.org>
Subject: Re: IP Protocol 57
From: Thomas Morin <thomas.morin@webmotion.com>
Date: Mon, 23 Jul 2001 10:43:22 -0400 (EDT)
Message-id: <[🔎] Pine.LNX.4.33.0107231037250.10570-100000@centauri>
In-reply-to: <[🔎] 3B5C2DAD.7DF04950@macristy.com>

-. Chad Thompson (2001-07-23) :
 |
 | Hmmm... Both firewalls (the one on my side and the one at the VPN host
 | site) , use IPCHAINS. It seems that I can allow the protocol 57 traffic
 | through my firewall on the client side,  but when I try below on the VPN
 | host side:
 |
 | ipmasqadm portfw -a -P 57 -L $IPADDR -R 10.2.0.2

I don't know SKIP, I don't know if it has ports. But here I really
believe you are trying to do 'port forwaring' on a protocol for which
ipchains doesn't know 'ports'.

 | I get a 'portfw: invalid protocol specified' ..... Is there a
 | different way to do this? Please don't tell me I need to upgrade
 | kernels to 2.4.x now.... :)

You can achieve NAT, by using 'ip rules', and 'ip route' from the
'iproute2' package, but you'd really use iptables' NAT here, it's *far*
easier.

Regards,

-tom

--
== Thomas.Morin     @webmotion.com        SysAdmin/R&D
== Phone: +1 613 731 4046 ext113 \Fax: +1 613 260 9545
== PGP/keyID: 8CEA233D
== PGP/KeyFP: 503BF6CFD3AE8719377B832A02FB94E08CEA233D
--

Reply to:

Follow-Ups:
- Re: IP Protocol 57
  - From: "Chad Thompson" <chad@macristy.com>

References:
- Re: IP Protocol 57
  - From: "Chad Thompson" <chad@macristy.com>

Prev by Date: Re: IP Protocol 57
Next by Date: Re: Iptables question(s)
Previous by thread: Re: IP Protocol 57
Next by thread: Re: IP Protocol 57
Index(es):
- Date
- Thread