
RE: DMZ-firewall



no, it did not work..

could there be some settings in /proc/ that deny port forwarding?

or maybe some problems with the 2.4.5 kernel?

anders

# -----Original Message-----
# From: Joe Ellis [mailto:joee@lithodyne.net]
# Sent: 6 December 2001 20:50
# To: Anders Gjære
# Subject: Re: DMZ-firewall
# 
# 
# try:
# iptables -t nat -A PREROUTING -p tcp -d $EXTMAILIP --dport 110 -j DNAT --to-destination 192.168.10.10
# 
# 
# i don't think you need the :110 to tell it which port to go to.  once the
# packet is routed to 192.168.10.10, it is up to that machine to do what
# it wants.
# 
# 
# 
# 
# Anders Gjære wrote:
# 
# > hi. 
# > 
# > i have a firewall with 5 NICs
# > 
# > it is firewalling some machines on 2 of the NICs, but now i'm setting up
# > a new mailserver and webserver.
# > 
# > these should have local IPs, and here is where my problems start.
# > 
# > i've tried a lot of examples and read a lot of howtos, but with no luck.
# > 
# > iptables -t nat -A PREROUTING -p tcp -d $EXTMAILIP --dport 110 -j DNAT --to-destination 192.168.10.10:110
# > 
# > and i don't get any output from logging packets,
# > 
# > $IPTABLES -A FORWARD -j LOG
# > $IPTABLES -A FORWARD -m limit --limit 3/minute --limit-burst 3 -j LOG \
# > --log-level DEBUG --log-prefix "IPT FORWARD packet died: "
# > 
# > 
# > 
# > 
# > --_
# > anders gjære
# > +47 414 22 934 
# > 
# > 
# > 
# 
# 
# -- 
# Joe Ellis
# http://www.lithodyne.net
# 
# 
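
One possible reason for a DNAT rule that is installed while the FORWARD log stays empty is that kernel forwarding is switched off under /proc. The script below is an added example, not part of the original thread: `check_forwarding` is a hypothetical helper name, and it only reads `/proc/sys/net/ipv4/ip_forward` and the per-interface `forwarding` and `rp_filter` files.

```shell
#!/bin/sh
# Added example; check_forwarding is a hypothetical helper name.
# Reports /proc settings that keep DNAT'd packets from being forwarded.
# $1 = proc root (default /proc) so it can be pointed at a test tree.
check_forwarding() {
    root=${1:-/proc}
    ipv4=$root/sys/net/ipv4
    bad=0

    # Global switch. With 0 the kernel does not route between interfaces:
    # the packet is rewritten in PREROUTING, then dropped at the routing
    # decision, so it never reaches FORWARD or any LOG rule there.
    if [ ! -r "$ipv4/ip_forward" ]; then
        echo "UNKNOWN cannot read $ipv4/ip_forward"
        return 2
    fi
    read -r fwd < "$ipv4/ip_forward"
    if [ "$fwd" = "1" ]; then
        echo "OK ip_forward=1"
    else
        echo "FAIL ip_forward=$fwd (enable: echo 1 > $ipv4/ip_forward)"
        bad=1
    fi

    # Per-interface settings: forwarding can be off on a single NIC, and
    # reverse-path filtering (rp_filter=1) drops packets whose source
    # address would not be routed back out of the arrival interface.
    for dir in "$ipv4"/conf/*/; do
        [ -d "$dir" ] || continue
        name=$(basename "$dir")
        case $name in all|default|lo) continue ;; esac
        if [ -r "$dir/forwarding" ]; then
            read -r v < "$dir/forwarding"
            if [ "$v" != "1" ]; then echo "FAIL $name forwarding=$v"; bad=1; fi
        fi
        if [ -r "$dir/rp_filter" ]; then
            read -r v < "$dir/rp_filter"
            if [ "$v" = "1" ]; then echo "NOTE $name rp_filter=1"; fi
        fi
    done
    return $bad
}

# Run against the live system (or a tree given as $1); never abort the shell.
check_forwarding "${1:-/proc}" || true
```

A clean result only rules out the /proc switches; the FORWARD chain still needs a rule that accepts traffic to 192.168.10.10 on port 110.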


