TCLUG Archive

Re: [TCLUG:6777] ipchains and port forwarding



On Wed, 30 Jun 1999, Bob Tanner wrote:

> Anyone know of an example of ipchains and port forwarding?
> 
> I believe in ipchains it is called REDIR now, but I want to be
> able to port forward to an internal box from the Internet and I
> cannot find any examples or documentation of port forwarding.
> 
> When I activate a chain with REDIR, I get a message from the
> kernel that I need to recompile the kernel with transparent proxy
> active.
> 
> So from a host on 206.10.252.0/24 I want to be able to
> redirect/port forward to Linux Box2 (192.168.100.1).

Go to http://juanjox.kernelnotes.org.  Get the tool "ipmasqadm", or
get the RPM from Red Hat.  Use RPM, alien, or "roll your own". Install
it.  Get any kernel patches you need for the tool from the same site.  
Compile your kernel for transparent proxy.

Insert this file into your /etc/init.d/ and make the appropriate links
in your rc?.d directories.

----------------------- CUT HERE ----------------------
#!/bin/bash
# IPMASQADM Initialization file
# by Chad Walstrom <cwalstro@ltiflex.com>
# Version: 1999062101

IPMASQADM="/usr/sbin/ipmasqadm"                 # Program
LADDR="206.147.67.195"                          # Firewall Addy
WEBSVR="192.168.1.6"                            # LTI Web Server
MFSVR_1="192.168.1.2"                           # MetaFrame Server
MAILSVR="192.168.1.4"                           # Exchange Server

test -x ${IPMASQADM} || exit 0

case "$1" in
  start)
    echo -n "Initializing IPMASQADM port forwarding: "

    # Flush portfw rules
    ${IPMASQADM} portfw -f

    ########################################
    # SMTP, POP, IMAP

    ${IPMASQADM} portfw -a -P tcp -L ${LADDR} 25 -R ${MAILSVR} 25
    echo -n "SMTP, "

    ${IPMASQADM} portfw -a -P tcp -L ${LADDR} 110 -R ${MAILSVR} 110
    echo -n "POP3, "

    ${IPMASQADM} portfw -a -P tcp -L ${LADDR} 143 -R ${MAILSVR} 143
    echo -n "IMAP2/4, "

    ########################################
    # Web Server

    ${IPMASQADM} portfw -a -P tcp -L ${LADDR} 80 -R ${WEBSVR} 80
    echo -n "WEB, "

    ${IPMASQADM} portfw -a -P tcp -L ${LADDR} 443 -R ${WEBSVR} 443
    echo -n "SECURE-WEB, "
    
    ########################################
    # ICA Protocol for MetaFrame
    ${IPMASQADM} portfw -a -P tcp -L ${LADDR} 1494 -R ${MFSVR_1} 1494
    echo -n "ICA-TX, "

    ${IPMASQADM} portfw -a -P udp -L ${LADDR} 1604 -R ${MFSVR_1} 1604
    echo -n "ICA-BR, "

    echo "done."
  ;;
  stop)
    echo -n "Stopping IPMASQADM port forwarding: "

    # Flush portfw rules
    ${IPMASQADM} portfw -f

    echo "done."
  ;;
  restart|reload|force-reload)
    echo "Restarting IPMASQADM port forwarding."
    $0 start
    echo "IPMASQADM port forwarding restarted."
  ;;

  *)
    # $0 already holds the path the script was invoked with
    echo "Usage: $0 {start|stop|restart|reload|force-reload}"
    exit 1
  ;;
esac
exit 0

------------------------- CUT HERE -----------------




^chewie

http://nerp.net/~chewie  <<--- Check it out!  I'm selling my truck!
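
The rule layout from the init script above, as an added example that is not part of the original post or of Chad Walstrom's script: a dry-run generator that validates each forward before printing the `ipmasqadm portfw` command for it, so a typo cannot expose an unintended port or target. The function names are hypothetical, the requirement that every target be an RFC 1918 address is an assumption matching the internal servers in the post, and only the `ipmasqadm` options shown in the post are emitted.

```shell
#!/bin/sh
# Added example: dry-run generator for portfw rules (prints, never applies).
IPMASQADM="/usr/sbin/ipmasqadm"   # same path as in the post's script

# True if $1 is an integer in 1..65535.
valid_port() {
  case "$1" in ''|*[!0-9]*) return 1 ;; esac
  [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# True if $1 is a dotted quad inside an RFC 1918 private range.
is_private() {
  case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  [ "$#" -eq 4 ] || return 1
  for o in "$@"; do [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1; done
  case "$1" in
    10)  return 0 ;;
    172) [ "$2" -ge 16 ] && [ "$2" -le 31 ] ;;
    192) [ "$2" -eq 168 ] ;;
    *)   return 1 ;;
  esac
}

# Print the portfw command for one rule, or fail with a reason on stderr.
portfw_cmd() {  # proto local_addr local_port target_addr target_port
  case "$1" in tcp|udp) ;; *) echo "bad protocol: $1" >&2; return 1 ;; esac
  valid_port "$3" && valid_port "$5" || { echo "bad port: $3 -> $5" >&2; return 1; }
  is_private "$4" || { echo "target not RFC 1918: $4" >&2; return 1; }
  echo "$IPMASQADM portfw -a -P $1 -L $2 $3 -R $4 $5"
}

# Read "proto laddr lport raddr rport" lines on stdin; print the flush plus
# every rule. One bad line aborts with nothing printed.
build_rules() {
  out="$IPMASQADM portfw -f"
  while read -r proto laddr lport raddr rport; do
    case "$proto" in ''|'#'*) continue ;; esac
    line=$(portfw_cmd "$proto" "$laddr" "$lport" "$raddr" "$rport") || return 1
    out="$out
$line"
  done
  echo "$out"
}

# Constructed rule table using addresses from the script in the post.
build_rules <<'EOF'
tcp  206.147.67.195  25    192.168.1.4  25
udp  206.147.67.195  1604  192.168.1.2  1604
EOF
```

The output can be reviewed and then piped to `sh` on the firewall once it looks right.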