Re: PCAnywhere and IPCHAINS
'Coz ipchains always displays that message, so I've commented the REDIRECT
So for my objective, the important parts are the ipchains, ipmasqadm portfw and
route table, right?
For my case, do I need any settings like CONFIG_IP_TRANSPARENT_PROXY=y?
And will ipchains' MASQ rule affect this? I got something like the following in
ipchains -A forward -s $INTERNAL_NET -j MASQ
ipchains -A forward -i $INTERNAL_INTERFACE -j MASQ
If it works, what would I see in the syslog for ipchains? Would I see
something like the followings?
external_interface PCAClientExternalIP (unprivportA) -> FWExternalIP (5632)
internal_interface PCAClientExternalIP (unprivportA) -> PCAHostInternalIP (5632)
> Simon Tneoh Chee-Boon said:
> > Hello nate,
> > When I try to some REDIRECT in ipchains, I got the following message:
> > ipchains: No target by that name (Maybe this kernel doesn't support
> > transparent proxying?)
> > Could this cause the problem?
> > I'm using Linux wira 2.2.20 #1 Sat Apr 20 11:45:28 EST 2002 i686 unknown.
> > I've executed tcpdump, no connection to the internal IP for the
> > internal
> > interface.
> redirect only works for redirecting to a local service.
> server A has a service on port 500
> server A has REDIRECT(transparent proxy) which points port 5000->500
> connections from remote systems to port 5000 will end up on port 500
> connections from the local system(Server A) to port 5000 will fail.
> it will NOT work in combonation with port forwarding in redirecting
> traffic to another host.
> this could be a problem yes if you have a redirect statement on the
> same port as your port forwarding. to use transparent proxy you need:
> in your kernel config(debian kernels store their config in
> /boot/config-`uname -r`)
> To UNSUBSCRIBE, email to firstname.lastname@example.org
> with a subject of "unsubscribe". Trouble? Contact email@example.com
Simon Tneoh Chee-Boon firstname.lastname@example.org
Senior Technologist MyBiz International Limited
Tel: (60)3-2713-8181 Fax: (60)3-2713-8811