LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-02-2005, 12:14 PM   #1
jleipert
LQ Newbie
 
Registered: Jul 2005
Posts: 6

Rep: Reputation: 0
Exclamation opening ports I think


ok this is my setup


home===Internet====Work(sonicwall)===main router(linux)==clients

webserver is connected to the sonicwall


this is my problem

from home I can access my webserver port 80/81/100

I have differnet services of course running on differnet ports- they all work fine

but from INSIDE(CLIENTS) they only can access the service running on port 80 not port 81 or 100

i can go on the MAIN ROUTER(linux) and access all ports(81;80;100)
but not on the clients(only 80)

so....i hope someone can help me!!!!!!

Last edited by jleipert; 09-02-2005 at 12:16 PM.
 
Old 09-02-2005, 02:07 PM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
What sort of forwarding/proxying is the linux router doing?
 
Old 09-02-2005, 03:09 PM   #3
jleipert
LQ Newbie
 
Registered: Jul 2005
Posts: 6

Original Poster
Rep: Reputation: 0
Thanks for the reply!

The linux box is just using ip_forward(ipv4). I also stopped iptables- still no luck


i typed the command echo 1 > /proc/sys/net/ipv4/ip_forward (something like that)
I hope you can help!!! ......i spent all day looking at this

but if I'm on the linux box.....I can bring up all the stuff.

on the clients port 80 only works ---i need 81 and 100



thanks again
 
Old 09-03-2005, 06:40 AM   #4
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
Can you post the output from:
iptables -nL
iptables -nL -t nat
 
Old 09-03-2005, 08:18 AM   #5
jleipert
LQ Newbie
 
Registered: Jul 2005
Posts: 6

Original Poster
Rep: Reputation: 0
is this on the right track? let me know


A.B.C.D = wan ip address
a.b.c.d = lan ip address



iptables -t nat -A PREROUTING -p tcp --destination A.B.C.D -m multiport\
--destination-port 22,25,80,443 -j DNAT --to-destination a.b.c.d


when i go back to work I'll get the info for you

joe
 
Old 09-03-2005, 08:19 AM   #6
jleipert
LQ Newbie
 
Registered: Jul 2005
Posts: 6

Original Poster
Rep: Reputation: 0
of course i'll change the ports numbers 100,81
 
Old 09-04-2005, 04:51 AM   #7
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 64
That will NAT the ports of the linux box, I thought you just wanted to pass through and access the web server?
 
Old 09-04-2005, 09:14 AM   #8
jleipert
LQ Newbie
 
Registered: Jul 2005
Posts: 6

Original Poster
Rep: Reputation: 0
ok....I guess that's wrong I'll get the info for you today that you requested
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Opening ports lunke Linux - Security 10 06-07-2005 03:04 AM
Opening ports for games. fipeso Linux - Security 2 05-02-2005 01:39 PM
Ports still not opening! Help? spam4scott Linux - Networking 1 05-28-2004 12:48 AM
Help with iptables and opening ports barbar4854 General 3 02-06-2004 01:00 PM
Opening Ports george3k Linux - Newbie 7 02-16-2003 01:59 PM


All times are GMT -5. The time now is 10:52 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration