conversion from openbsd firewall to ipchains..
Not so Debian related, although all our servers are running Debian; tomorrow
we will definitely say goodbye to one of the last non-Debian systems in
our network... mission accomplished :)
Anyway, I'm trying to convert those quite unreadable OpenBSD firewall rules
to Linux 2.4 packet filtering... and things are not quite clear. Is there
anyone here with experience in both who could convert the OpenBSD rules
below to packet filtering alternatives? I've got some ideas, but I'm not quite
sure, and some rules don't make sense to me due to lack of experience
with the BSD platform...
Hopefully someone can help out.
Some of the rules:
rdr xl0 231.92.183.10/32 port 25 -> 192.168.1.19 port 25
becomes:
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp -d 231.92.183.10/32 --dport 25 -j DNAT --to 192.168.1.19:25
but
map xl0 192.168.1.101/32 -> 231.92.183.34/32
becomes?
and a rule like:
pass out on xl1 proto udp from any to 192.168.1.23/32 port = 500
which seems to redirect incoming traffic of the external nic of the
firewall directly to an internal system..should this become??:
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 500 -j REDIRECT --to 192.168.1.23/32 --to-port 500
Am I correct on this?
thanx..
Frank
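
An added example, not part of the original post: a small translator for the three IPFilter rule forms quoted above (rdr, map, pass out) into iptables commands. It assumes xl1 corresponds to eth1 (the post only maps xl0 to eth0), keeps tcp as the rdr protocol as in the poster's own translation, and treats "pass out" as a plain filter rule for forwarded traffic rather than a redirect.

```python
import re

# Assumed interface mapping: the post maps xl0 to eth0; xl1 -> eth1 is a guess.
IFACE = {"xl0": "eth0", "xl1": "eth1"}

def host(addr):
    """Drop a /32 suffix; iptables treats a bare address as a single host."""
    return addr[:-3] if addr.endswith("/32") else addr

def target(addr):
    """NAT targets must be one host here, as in every rule quoted in the post."""
    addr = host(addr)
    if "/" in addr:
        raise ValueError("only single-host NAT targets are handled")
    return addr

RULES = [
    # ipnat rdr: rewrites the destination of inbound packets -> DNAT in PREROUTING
    (re.compile(r"rdr (\S+) (\S+) port (\d+) -> (\S+) port (\d+)(?: (tcp|udp))?$"),
     lambda m: f"iptables -t nat -A PREROUTING -i {IFACE[m[1]]} -p {m[6] or 'tcp'} "
               f"-d {host(m[2])} --dport {m[3]} -j DNAT "
               f"--to-destination {target(m[4])}:{m[5]}"),
    # ipnat map: rewrites the source of outbound packets -> SNAT in POSTROUTING
    (re.compile(r"map (\S+) (\S+) -> (\S+)$"),
     lambda m: f"iptables -t nat -A POSTROUTING -o {IFACE[m[1]]} "
               f"-s {host(m[2])} -j SNAT --to-source {target(m[3])}"),
    # ipf pass out: permits packets, rewrites nothing -> ACCEPT in FORWARD
    # (traffic generated on the firewall itself would go through OUTPUT instead)
    (re.compile(r"pass out on (\S+) proto (tcp|udp) from any to (\S+) port = (\d+)$"),
     lambda m: f"iptables -A FORWARD -o {IFACE[m[1]]} -p {m[2]} "
               f"-d {host(m[3])} --dport {m[4]} -j ACCEPT"),
]

def translate(line):
    """Return the iptables command for one supported IPFilter rule line."""
    line = " ".join(line.split())  # normalise whitespace
    for pattern, build in RULES:
        m = pattern.match(line)
        if m:
            return build(m)
    raise ValueError(f"unsupported rule: {line!r}")

if __name__ == "__main__":
    # The three rules quoted in the post.
    for rule in ("rdr xl0 231.92.183.10/32 port 25 -> 192.168.1.19 port 25",
                 "map xl0 192.168.1.101/32 -> 231.92.183.34/32",
                 "pass out on xl1 proto udp from any to 192.168.1.23/32 port = 500"):
        print(translate(rule))
```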