Re: ipchains example please


Subject: Re: ipchains example please
From: Michael Fowler (michael@shoebox.net)
Date: Mon Aug 26 2002 - 14:35:14 AKDT


On Sun, Aug 25, 2002 at 08:43:14PM -0800, Greg Jetter wrote:
> I am trying to port forward for the first time with ipchains, usually use it
> just to masquerade with. What I want to do is take traffic hitting port 81
> on the box connected to the net and send it to another box on the LAN so any
> packets going to dogbert on port 81 wind up going to port 80 on catbert.
>
> Anyone got an example of an ipchains rule set that would do this?

There are a few ways to do this with ipchains, all of which involve the
ipmasqadm facility. You have to have support for this compiled into your
kernel, and the ipmasqadm program installed.

The most flexible way I've found is with firewall marking. You mark the
packet, like so:

    ipchains -A input --dport 81 -p tcp -y -m 1

The -m marks it as "1". Then forward it:

    ipmasqadm mfw -A -m 1 -r catbert 80

See man ipmasqadm for more information.

This can also be accomplished more succinctly with ipmasqadm portfw, or you
can go a completely different route with rinetd, which is a daemon that does
the forwarding for you.

Michael

--
Administrator                      www.shoebox.net
Programmer, System Administrator   www.gallanttech.com
--
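
The three approaches named in the reply above (firewall mark plus mfw, ipmasqadm portfw, and rinetd), written out side by side for the dogbert:81 to catbert:80 case. This is an added example, not part of the original message. Assumptions: the addresses are constructed placeholders, the `forward_port` helper and `DRY_RUN` switch are hypothetical names, and the `-d` destination match is added here so that only traffic addressed to the external interface is marked.

```shell
#!/bin/sh
# Added example, not from the original post. Addresses are constructed placeholders.
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the commands; 0 = execute them (needs root)

# Print the command in dry-run mode, otherwise execute it.
run() { if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi; }

# Accept only decimal port numbers in the range 1-65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# forward_port METHOD EXT_IP EXT_PORT INT_IP INT_PORT   (hypothetical helper)
forward_port() {
    method=$1 ext_ip=$2 ext_port=$3 int_ip=$4 int_port=$5
    valid_port "$ext_port" && valid_port "$int_port" || {
        echo "invalid port" >&2; return 2; }
    case "$method" in
    mfw)     # mark new (SYN) connections to the external address, then redirect mark 1
        run ipchains -A input -p tcp -y -d "$ext_ip" "$ext_port" -m 1 &&
        run ipmasqadm mfw -A -m 1 -r "$int_ip" "$int_port" ;;
    portfw)  # the same forward as a single ipmasqadm command
        run ipmasqadm portfw -a -P tcp -L "$ext_ip" "$ext_port" -R "$int_ip" "$int_port" ;;
    rinetd)  # userspace daemon: emit the line that goes into /etc/rinetd.conf
        echo "$ext_ip $ext_port $int_ip $int_port" ;;
    *)  echo "unknown method: $method" >&2; return 2 ;;
    esac
}

# Show all three forms; 192.0.2.1 stands in for dogbert's external address,
# 192.168.1.10 for catbert (both constructed).
for m in mfw portfw rinetd; do
    forward_port "$m" 192.0.2.1 81 192.168.1.10 80
done
```

With the default `DRY_RUN=1` the script only prints the commands, so the rules can be reviewed before anything is applied.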




This archive was generated by hypermail 2a23 : Mon Aug 26 2002 - 14:34:17 AKDT