Hi all,
can anyone tell what is IP forwarding and gimme some tutorials or guides related to that...
thanks...

IP forwarding can forward network traffic from one computer to another. You can read man iptables to achieve it.

When you forward port P of host H to port Q of host I, you actually listen on H:P and send (forward) any packets to I:Q, and you also send any response packets you get from I back to the client (whoever initiated the connection). It follows that port P on H must be free, and if P<1024, you need to be(come) root on H.
Others provided tutorials.

The easiest way to temporarily forward ports is using the -L or -R option of ssh. For a trivial example,
And then http://localhost:8000 will give you the same as http://google.com

If the client is not local on H, you must use -g with -L (not -R). The forwarding will only last as long as the ssh session. man ssh

Thanks Quigi,
what does this syntax means... H:P and I:Q...port P on host H and port Q on host I ?? or does it have any other meaning...and say i am in LAN and i want to send packets from my port say "x" to my friends PC port say "y"... how to achieve this.....is this also IP forwarding...

Yes, exactly. For example, the HTTP port (port 80) of host google.com (72.14.207.99 among others) is often denoted "google.com:80" or "2.14.207.99:80". It's just a convention/shorthand.

Answer A: You have to tell us (much) more. What are you trying to achieve? Are you sure you need to think at the packet level, or could you describe your goal in terms of a "connection"?

Answer B: nc

Hint: the originating port (x) hardly ever matters.
If I understand you right, it isn't -- it's just some packets (and maybe a connection) between you and your friend. The machine doing IP forwarding (H in my example) in a way acts as a proxy between a client and a server (I).

I neglected to mention that with ssh, the listening side and the forwarding/initiating side can be on different computers, which lets you tunnel through firewalls. That's a bit different from "plain" forwarding.

BTW, there's a fairly simple perl script out on the web for connection forwarding.

Thanks Quigi,
what i had thought from your explanation in the first reply is the host itself is the client ...now i got your point... u mean to say IP forwarding is same as IP masquerading ??
what exactly this does.. i didnt get.. sorry...
can u please gimme an example considering 3 machines with conditions... to understand IP forwarding better...
thanks again....

Hi Culin,

Please disregard everything I said about port forwarding, because you had asked about IP forwarding. I tried http://en.wikipedia.org/wiki/Special.../IP_forwarding (their search failed temporarily, but Google got me some hits.)

Say you browse to www.google.com; let's look in minute detail what goes on.

Host A (your computer) wants to send a packet to host B (say, www.google.com). As route -n reveals, A doesn't have a direct wire to B, so it sends the packet to the appropriate gateway C (marked with a G in the "Flags" column, probably your default gateway). Now machine C acts as a router and forwards the packet to another machine, which is one hop closer to B. Here, C does IP forwarding. Note that this is just the beginning -- there are many more steps till your packet gets to B, and a response packet makes its way back to A (probably again through C), and then many more packet roundtrips till (a fraction of a second later) your browser displays the google page.

Again, what are you trying to accomplish?

Thanks Quigi,
i am just trying to get a clear picture and understand between IP forwarding IP masquerading and port forwarding...

...
u r telling something about packets... i think this is regarding connections right ??
here what is the meaning of sending packets ?? because when establishing any conneciton packets will obviously come into picture right ?? what is special here ??
IT DOES IP FORWARDING... how it does ???

sorry if i am bugging u tooo much....i am really trying to understand the things better....

For getting an overall picture, keep reading the web. I found the articles in Wikipedia particularly helpful and well-written.

When establishing, using, and tearing down a connection, packets are exchanged. (But you may also send around packets (e.g., UDP datagrams) without establishing a connection.) Packets and connections are talking at different levels of the ISO/OSI model.

ok. thanks for the info....