Re: PCAnywhere and IPCHAINS

To: nate <debian-user@aphroland.org>, debian-user@lists.debian.org
Subject: Re: PCAnywhere and IPCHAINS
From: Simon Tneoh Chee-Boon <simon.tneoh@mybiz.net>
Date: Tue, 07 Jan 2003 10:58:17 +0800
Message-id: <[🔎] 3E1A4248.4C323B9F@mybiz.net>
Reply-to: simon.tneoh@mybiz.net
References: <[🔎] 3E141973.5F036A2@mybiz.net> <[🔎] 48157.10.10.10.7.1041522006.squirrel@webmail.linuxpowered.net> <[🔎] 3E18DADC.F57D8416@mybiz.net> <[🔎] 51025.10.10.10.7.1041818423.squirrel@webmail.linuxpowered.net> <[🔎] 3E193E5D.35648587@mybiz.net> <[🔎] 57160.10.10.10.7.1041858763.squirrel@webmail.linuxpowered.net>

Hello nate,
   When I try to some REDIRECT in ipchains, I got the following message:
ipchains: No target by that name (Maybe this kernel doesn't support transparent
proxying?)
Could this cause the problem?
I'm using Linux wira 2.2.20 #1 Sat Apr 20 11:45:28 EST 2002 i686 unknown.
   I've executed tcpdump, no connection to the internal IP for the internal
interface.

Thanks.

Regards,
Simon.

nate wrote:

> Simon Tneoh Chee-Boon said:
> > Hello nate,
> >     I suspect could it be my ipchains rule block the internal
> > connections?
> >>From internal network, when I try to PCAnywhere external PCAnywhere
> > Host, I
> > can something like the following in the syslog file:
> > 1) internalIP (unprivportA) -> externalHostIP (5632)
> > 2) fwexternalIP (unprivportB) -> externalHostIP (5632) (I believe this is
> > 'coz of MASQ)
> > 3) externalHostIP (5632) -> fwexternalIP (unprivportB)
> > 4) externalHostIP (5632) -> internalIP (unprivportA)
> >     I wonder if the connection is in the other way, how would this be?
> > Something like the followings?
> > 1) externalClientIP (unprivportA) -> fwexternalIP (5632)
> > 2) fwinternalIP (unprivportB) -> internalHostIP (5632) ('coz of portfw) 3)
> > internalHostIP (5632) -> fwinternalIP (unprivportB)
> > 4) fwexternalIP (5632) -> externalClientIP (unprivportA)
> >     When I tested, I only see 1)'s log, there's no log for 2). So I'm a
> > bit confused here.
> >     Or maybe I really need an extra new external IP for this internal
> > server,
> > else I can't do port forwarding without it?
>
> you don't need an extra IP for the server, unless your forwarding to more
> then 1 server on the same external port. Have you flushed the forwarding
> rules? perhaps autofw is still running, try
>
> ipmasqadm autofw -F
>
> to delete any autofw rules then try ipmasqadm again
>
> ipmasqadm portfw -a -P tcp -L EXTERNAL_IP_ADDRESS 5631 \
> -R INTERNAL_IP_ADDRESS 5631
> ipmasqadm portfw -a -P udp -L EXTERNAL_IP_ADDRESS 5632 \
> -R INTERNAL_IP_ADDRESS 5632
>
> try running iptraf on the firewall host while you initiate a connection
> to see what it shows. or perhaps tcpdump
>
> tcpdump -i INTERNAL_INTERFACE src or dst IP_ADDRESS_OF_PCA_SERVER
>
> good luck!
>
> nate
>
> --
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

--
Simon Tneoh Chee-Boon simon.tneoh@mybiz.net
Senior Technologist MyBiz International Limited
Tel: (60)3-2713-8181    Fax: (60)3-2713-8811
Personal: http://www.tneoh.zoneit.com/simon/
Company:  http://www.mybiz.net

Reply to:

Follow-Ups:
- Re: PCAnywhere and IPCHAINS
  - From: "nate" <debian-user@aphroland.org>

References:
- PCAnywhere and IPCHAINS
  - From: Simon Tneoh Chee-Boon <simon.tneoh@mybiz.net>
- Re: PCAnywhere and IPCHAINS
  - From: "nate" <debian-user@aphroland.org>
- Re: PCAnywhere and IPCHAINS
  - From: Simon Tneoh Chee-Boon <simon.tneoh@mybiz.net>
- Re: PCAnywhere and IPCHAINS
  - From: "nate" <debian-user@aphroland.org>
- Re: PCAnywhere and IPCHAINS
  - From: Simon Tneoh Chee-Boon <simon.tneoh@mybiz.net>
- Re: PCAnywhere and IPCHAINS
  - From: "nate" <debian-user@aphroland.org>

Prev by Date: RE: MPlayer audio video out of sync
Next by Date: *BLUSH* Still have no idea of the xhost replacement
Previous by thread: Re: PCAnywhere and IPCHAINS
Next by thread: Re: PCAnywhere and IPCHAINS
Index(es):
- Date
- Thread