ipmasqadm portfw

To: <debian-user@lists.debian.org>
Subject: ipmasqadm portfw
From: "Elm Gysel" <elm.gysel@dateq.be>
Date: Tue, 12 Feb 2002 16:20:59 +0100
Message-id: <[🔎] 02cb01c1b3d8$e05c7cb0$04fea8c0@eg>
References: <[🔎] F190fTTQJqohnpz5YhK00009f25@hotmail.com> <[🔎] 1013525629.13853.174.camel@linda>

Hello,

I'm using kernel 2.2.19 and I have a little question regarding portfw.
I've set up some rules to forward some ports to an other computer on the
network :

ipmasqadm portfw -a -P tcp -L localhost 8002 -R 192.168.1.10 8002
ipmasqadm portfw -a -P tcp -L 192.168.1.250 8002 -R 192.168.1.10 8002
ipmasqadm portfw -a -P tcp -L <extern-ip> 8002 -R 192.168.1.10 8002

This works good as long as the request comes from the outer
network(internet). So it doesn't work when I try to connect on the server
who has this installed or when I try to connect from any other computer on
the network using <external-ip>:8002 .

What I was wondering about, when does portfw get the packet? All my ipchains
rules seem to be correct. I use masquerading also. I have attached my
ipchains rules.

Thanks for any responses :)

Elm

Chain input (policy DENY: 0 packets, 0 bytes):
 pkts bytes target     prot opt    tosa tosx  ifname     mark       outsize  source                destination           ports
 181K   11M ACCEPT     all  ------ 0xFF 0x00  lo                             anywhere             anywhere              n/a
    0     0 DENY       all  ----l- 0xFF 0x00  !lo                            127.0.0.0/8          anywhere              n/a
 970K  220M ACCEPT     all  ------ 0xFF 0x00  eth0                           localnet/24          anywhere              n/a
    0     0 DENY       all  ----l- 0xFF 0x00  eth1                           localnet/24          anywhere              n/a
 290K  116M ACCEPT     all  ------ 0xFF 0x00  eth1                           anywhere             <extern-ip>           n/a
    0     0 DENY       all  ----l- 0xFF 0x00  any                            anywhere             anywhere              n/a
Chain forward (policy DENY: 0 packets, 0 bytes):
 pkts bytes target     prot opt    tosa tosx  ifname     mark       outsize  source                destination           ports
80253 7420K MASQ       all  ------ 0xFF 0x00  eth1                           localnet/24          anywhere              n/a
    0     0 DENY       all  ----l- 0xFF 0x00  any                            anywhere             anywhere              n/a
Chain output (policy DENY: 0 packets, 0 bytes):
 pkts bytes target     prot opt    tosa tosx  ifname     mark       outsize  source                destination           ports
 181K   11M ACCEPT     all  ------ 0xFF 0x00  lo                             anywhere             anywhere              n/a
 976K  680M ACCEPT     all  ------ 0xFF 0x00  eth0                           anywhere             localnet/24           n/a
    0     0 ACCEPT    !tcp  ------ 0xFF 0x00  eth0                           anywhere             BASE-ADDRESS.MCAST.NET/4  any ->   any
    0     0 DENY       all  ----l- 0xFF 0x00  eth1                           anywhere             localnet/24           n/a
 310K   43M ACCEPT     all  ------ 0xFF 0x00  eth1                           <extern-ip>          anywhere              n/a
    0     0 DENY       all  ----l- 0xFF 0x00  any                            anywhere             anywhere              n/a

Reply to:

References:
- Re: a modest proposal - Debian needs more $
  - From: "Roderick Cummings" <debian_user@hotmail.com>
- Re: a modest proposal - Debian needs more $
  - From: Oliver Elphick <olly@lfix.co.uk>

Prev by Date: Re: a modest proposal - Debian needs more $
Next by Date: Re: Immortal process after loopback mount
Previous by thread: Re: a modest proposal - Debian needs more $
Next by thread: Re: a modest proposal - Debian needs more $
Index(es):
- Date
- Thread