
Re: The Son of Router Trouble: Part Two



I'm assuming you're using IP Masq also, which first brings up the question: is the protocol you're
wanting to forward to a certain machine a common one for which there are possibly IP Masq modules, which
would allow any computer inside the network to use the "service", for lack of a better word?  Or are we
perhaps talking about something on the inside network running completely as a server, such as an httpd
server, where you want to simply forward all incoming traffic on port 80 to a certain machine?  If it's
the first, obviously you'll just want to compile the modules (which can be found in your kernel's
source), and insmod/modprobe them.  If you're simply wanting to know how to forward a port with
ipchains, you must follow the below instructions:

If you are using modern RedHat kernels, you already have Port Forwarding included as a module. To
install it, run:

modprobe ip_masq_portfw.o

If you use other distributions, you'll need to compile a new kernel with Port Forwarding support. You'll 
need to include the following options:

CONFIG_EXPERIMENTAL
CONFIG_IP_MASQUERADE
CONFIG_IP_MASQUERADE_IPPORTFW

ipmasqadm portfw -a -P tcp -L put.your.real.ip.here 80 -R ip.of.internal.webserver 80

So basically, if your real IP is 24.207.177.130 and you want to forward incoming requests on port 80 to
the local machine 192.168.0.11 and to port 80 on it, you'd do

ipmasqadm portfw -a -P tcp -L 24.207.177.130 80 -R 192.168.0.11 80

And tada! Port forwarding :)

Some good documentation on this subject can be found at:
http://www.monmouth.demon.co.uk/ipsubs/portfw-2.2.html
http://www.flounder.net/ipchains/ipchains-howto.html


--Jamon Terrell


4/13/2002 1:26:57 PM, "Singularity[TF] \(Eric Peterson\)" <FreeZeR147@charter.net> wrote:

>After resetting the cable modem, trying random combinations of ethernet
>cables, and a couple thousand not-so-helpful tutorials, I got my router to
>work.  It can talk to the outside world, the world can talk to it.  It can
>talk to the internal network, the internal network can talk to it.  The
>internal network can talk to the outside world, but the outside world cannot
>speak unless spoken to, and that's what I would like to change.
>
>And, after all that, my question is:  How do you accomplish port-forwarding
>via iptables?
>
>
>-
>To unsubscribe, send email to majordomo@silug.org with
>"unsubscribe silug-discuss" in the body.
>
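The forward described in the reply, as an added example that is not part of either message: a shell helper that validates the addresses and ports and prints the ipmasqadm command for a 2.2 kernel next to the iptables (2.4 netfilter) rules with the same effect, which is what the quoted question asks about. The function names are hypothetical, and the FORWARD rule assumes that replies and outbound traffic are already allowed, as the quoted message says they are.

```shell
#!/bin/sh
# Added example: prints the rules, does not run them (applying them needs root).

valid_ipv4() {   # four dot-separated decimal octets, each 0-255
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1          # split on dots; input is digits and dots only here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

valid_port() {   # decimal 1-65535
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# portfw_rules PROTO PUBLIC_IP PUBLIC_PORT INTERNAL_IP INTERNAL_PORT
portfw_rules() {
    proto=$1 pub_ip=$2 pub_port=$3 int_ip=$4 int_port=$5
    case "$proto" in
        tcp|udp) ;;
        *) echo "bad protocol: $proto" >&2; return 2 ;;
    esac
    valid_ipv4 "$pub_ip" && valid_ipv4 "$int_ip" ||
        { echo "bad IPv4 address" >&2; return 2; }
    valid_port "$pub_port" && valid_port "$int_port" ||
        { echo "bad port" >&2; return 2; }

    # 2.2 kernel with ip_masq_portfw loaded: the command from the message.
    echo "ipmasqadm portfw -a -P $proto -L $pub_ip $pub_port -R $int_ip $int_port"
    # 2.4 kernel: rewrite the destination before the routing decision.
    echo "iptables -t nat -A PREROUTING -p $proto -d $pub_ip --dport $pub_port -j DNAT --to-destination $int_ip:$int_port"
    # Only needed when the FORWARD policy is DROP: admit that one flow only.
    echo "iptables -A FORWARD -p $proto -d $int_ip --dport $int_port -j ACCEPT"
}

# Addresses taken from the message above.
portfw_rules tcp 24.207.177.130 80 192.168.0.11 80
```

Matching on both destination address and port keeps the exposure to the single service being published; nothing else on 192.168.0.11 becomes reachable from outside.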



