Re: telnetting to a host behind ip_masq

To: Paul Miller <paul@3dillusion.com>, Debian User <debian-user@lists.debian.org>, Linux Net <linux-net@vger.rutgers.edu>
Subject: Re: telnetting to a host behind ip_masq
From: Juanjo Ciarlante <irriga@impsat1.com.ar>
Date: Thu, 11 Jun 1998 08:45:31 -0300
Message-id: <[🔎] 19980611084531.A19998@impsat1.com.ar>
Mail-followup-to: Paul Miller <paul@3dillusion.com>, Debian User <debian-user@lists.debian.org>, Linux Net <linux-net@vger.rutgers.edu>
In-reply-to: <[🔎] Pine.LNX.3.96.980610162807.11618B-100000@serv1.3dillusion.com>; from Paul Miller on Wed, Jun 10, 1998 at 04:30:42PM -0400
References: <[🔎] Pine.LNX.3.96.980610162807.11618B-100000@serv1.3dillusion.com>

On Wed, Jun 10, 1998 at 04:30:42PM -0400, Paul Miller wrote:
> 
> Is it possible to telnet directly to a host behind ip_masq? -- Something
> like connecting to a different hostname at the same ip, and acting as a
> different computer. -- Apache does this with virtual hosting.
> 
You can use 
 . userspace redirector ("redir" and "redir2") 
 . kernel portforwarding

See attached text for details

Regards
-- 
-- Juanjo       http://juanjox.home.ml.org/
                       Yo don't need an hologram to know...
                       Nor you need to sell your brain to anyone.
                       Yo can feel it. It's Linux.

                REDIR2                       PORTFW
Place           user-space                   kernel
                                            
Method          connection "bouncing         reversed masq "spot"
                  at firewall"                
                                            
Pros            . easy installation          . fast, low-resource
                . no kernel-side support       consumption
                  needed                     . load-balacing in LAST
                . load-balancing               patch-sets
                                             **internal servers SEE conns
                                               from ACTUAL client **
                                            
Cons            . 1 process/connection       . kernel-patch needed for 2.0
                **internal servers SEE       . masquerader timeout
                  ALL connects from            handling may affect
                  firewall (NO WAY :)          total available connects
                  thus turning access        . usable, but still under
                  logs useless **              devel/test (THE Linux way ;)
                . process-handling:          . LOCAL (@firewall) redirection
                  susceptible to scheduling    not available
                  issues                          
Resource        1 process/connection         1 masq entry/connection
usage                                          limited to max. masq
                                               entries


--
Resources:
   Linux 2.0: kernel patch and "portfw" utility
      http://www.monmouth.demon.co.uk/ipsubs/portforwarding.html
   Linux 2.1: "ipmasqadm" utility
      http://juanjox.home.ml.org

Reply to:

References:
- telnetting to a host behind ip_masq
  - From: Paul Miller <paul@3dillusion.com>

Prev by Date: Re: Using Vim with mutt
Next by Date: Re: telnetting to a host behind ip_masq
Previous by thread: telnetting to a host behind ip_masq
Next by thread: Re: telnetting to a host behind ip_masq
Index(es):
- Date
- Thread