LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 01-14-2002, 07:47 AM   #1
hommih
Member
 
Registered: Oct 2001
Location: Norway
Distribution: SuSE 7.0, Red Hat 7.2
Posts: 32

Rep: Reputation: 15
Firewall and proxy!?


I have a small network at my house, 5 pc's to be exact! One of them is running as a gateway and is masqurading my internal network to the Internet. I have no problems when it comes to contacting/downloading, internally, from the Internet (of course), but how can i contact one specific machine inside my network from the Internet???

Hope this question makes any sense at all!!

Hommi
 
Old 01-14-2002, 08:46 AM   #2
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
depends on what's running it.

What's running the gateway ? i.e firewall software and kernel version.

You need do something called port forwarding to non assigned ip addresses.

/Raz
 
Old 01-14-2002, 12:49 PM   #3
hommih
Member
 
Registered: Oct 2001
Location: Norway
Distribution: SuSE 7.0, Red Hat 7.2
Posts: 32

Original Poster
Rep: Reputation: 15
The gateway is running SuSE Linux 7.0 with kernel 2.2, with SuSE firewall (ipchains packet filtering...) Is it possible to do port forwarding with ipchains or do I need iptables? Where can i find out about port forwarding?

By the way, thanks!

Hommi
 
Old 01-15-2002, 09:32 AM   #4
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
ipchains can't do it on its own. "iptables can with DNAT option"

ok you need some software called "ipmasqadm"
once you have installed the software you need to make sure the ipchains rules allow inbound connections to the port no. you need.
i.e
# accepts inbound http requests
ipchains -A input -p tcp -s 0/0 --sport 1023:65535 -d 242.38.126.140 --dport 80 -j ACCEPT

Then load the module:
modprobe ip_masq_portfw

Then the syntax once the "ipmasqadm" software is loaded would be:

# ipmasqadm portfw -a -P tcp -L 242.38.126.140 80 -R 192.168.1.7 80

---------- what the --------
-a = add append or something like that
-P tcp = protocol
242.38.126.140 = your real external ip address on the ipchains box
80 = port on the ipchains box "httpd"
-R = redirect to
192.168.1.7 = your internal ip address
80 = port on the internal ip address "httpd"

/Raz
 
Old 01-15-2002, 10:06 AM   #5
hommih
Member
 
Registered: Oct 2001
Location: Norway
Distribution: SuSE 7.0, Red Hat 7.2
Posts: 32

Original Poster
Rep: Reputation: 15
Thanks alot!!

I have a dynamic ip-address that changes every 14 days by my ADSL-provider. You know about any workarounds so that I don't have to update manually? Can I use a hostname instead of an ip-address with the -d and -L option?

Hommi
 
Old 01-15-2002, 10:39 AM   #6
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
I'm guessing you would need to write a script that takes the new ip address and re-runs the port forwarder.

something like:

#! /bin/sh
INET_IP="`/sbin/ifconfig eth0 2> /dev/null | grep 'inet addr' | awk '{print $2}' | sed -e 's/.*://'`"
ipmasqadm portfw -f
ipmasqadm portfw -a -P tcp -L $INET_IP 80 -R 192.168.1.7 80

/Raz
 
Old 01-16-2002, 09:25 AM   #7
hommih
Member
 
Registered: Oct 2001
Location: Norway
Distribution: SuSE 7.0, Red Hat 7.2
Posts: 32

Original Poster
Rep: Reputation: 15
Thanks!

Just one last thing. I don't have ipmasqadm installed on my gateway, and i'm having trouble finding it on the net. Do you know where I can find it? The source code, not as rpm?

Hommi
 
Old 01-16-2002, 09:58 AM   #8
raz
Member
 
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
it use to be at http://juanjox.linuxhq.com/ipmasqadm-0.4.2.tar.gz
but the link is dead for me.

sorry.
/Raz
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Proxy traffic through firewall syd2001 Linux - Security 3 11-18-2005 01:43 AM
Server as firewall and proxy. fiomba Linux - Security 2 11-16-2005 06:24 AM
Proxy/Firewall Blocker TuxFreak Linux - Networking 3 06-08-2005 10:44 AM
Gateway/Firewall and Proxy da_tibmeister Linux - Networking 5 10-03-2003 07:59 AM
Firewall Proxy?? Whats yours? Road Linux - General 2 10-11-2002 02:05 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 04:45 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration