TCLUG Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [TCLUG:6777] ipchains and port forwarding
Don't know if this helps, but man ipchains on RH6 talks about a "-D
CONFIG_IP_TRANSPARENT_PROXY" compile option to enable transparent proxy in
the kernel which is basically what you're doing with the redirect in
ipchains.
See also, HOWTO on Linux Security, IPCHAINS (esp. section 3.3), NET-3
(section 6.10). (i also believe somewhere it mentions that this is still
experimental)
-Unni
> -----Original Message-----
> From: Bob Tanner [mailto:tanner@real-time.com]
> Sent: Wednesday, June 30, 1999 1:59 AM
> To: tclug-list@mn-linux.org
> Subject: [TCLUG:6777] ipchains and port forwarding
>
>
> Anyone of an example of ipchains and port forwarding?
>
> I believe in ipchains it is called REDIR now, but I want to
> be able to port
> forward to an internal box from the Internet and I cannot
> find any examples or
> documentation of port forwarding.
>
> When I activate a chain with REDIR, I get a message from the
> kernel that I
> need to recompile the kernel with transparent proxy active.
>
> Anyone?
>
> 206.10.252.0/24 | Public network
> |
> |
> --------+--------
> |Linux Box |
> |206.10.252.7 |
> ----------+------
> |
> 192.168.100.0/24 |
> |
> ----------+------
> |Linux Box2 |
> |192.168.100.1 |
> -----------------
>
> So from a host on 206.10.252.0/24 I want to be able to
> redirect/port forward
> to Linux Box2 (192.168.100.1).
>
> --
> Bob Tanner <tanner@real-time.com> | Phone : (612)943-8700
> http://www.real-time.com | Fax : (612)943-8500
> Key fingerprint = 6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> For additional commands, e-mail: tclug-list-help@mn-linux.org
>