LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 08-05-2009, 10:57 AM   #1
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,013

Rep: Reputation: 30
If I forward a port in iptables, does the port have to be open on the firewall?


If I forward port 80 to port 3128 for squid with an iptable rule, does port 3128 have to be open on the firewall or is this all routed behind the firewall?
 
Old 08-05-2009, 02:26 PM   #2
PresGas
Member
 
Registered: Jul 2008
Location: Bloomington, IN
Distribution: Ubuntu/Debian
Posts: 51
Blog Entries: 5

Rep: Reputation: 18
iptables IS the firewall for Linux, or at least the front-end for netfilter of which is the firewall for Linux. Are you meaning an external firewall perhaps?
 
Old 08-05-2009, 03:12 PM   #3
kirukan
Senior Member
 
Registered: Jun 2008
Location: Eelam
Distribution: Redhat, Solaris, Suse
Posts: 1,278

Rep: Reputation: 148Reputation: 148
You will have to accept port 3128 at your INPUT table, In iptable prerouting is happening first.
http://www.docum.org/docum.org/kptd/
 
Old 08-05-2009, 05:41 PM   #4
qwertyjjj
Senior Member
 
Registered: Jul 2009
Location: UK
Distribution: Cent OS5 with Plesk
Posts: 1,013

Original Poster
Rep: Reputation: 30
Quote:
Originally Posted by PresGas View Post
iptables IS the firewall for Linux, or at least the front-end for netfilter of which is the firewall for Linux. Are you meaning an external firewall perhaps?
Yes, there is an external hardware firewall on my box or on the network held by the host, which presumably picks up the IP and associated rules. So, a http request would come in on port 80.
To forward it, do I need to open the external firewall as well as forward it in iptables?
The external firewall has no forwarding facility in this case so it has to be done through iptables.
 
Old 08-06-2009, 10:22 AM   #5
PresGas
Member
 
Registered: Jul 2008
Location: Bloomington, IN
Distribution: Ubuntu/Debian
Posts: 51
Blog Entries: 5

Rep: Reputation: 18
If I am understanding you correctly, squid is also on the server. If that is the case, I believe you would only need to open up 80 on the outside firewall, as everything else would be done at the server.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
IPTables port forward help matux Linux - Networking 1 09-09-2008 11:54 AM
port 25 filtered despite firewall having port 25 open ille.pugil42 Linux - Security 8 03-09-2007 01:51 AM
Open Port - Linux Firewall - IPtables SBFree Linux - Networking 1 05-12-2006 08:03 AM
iptables port forward forbese SUSE / openSUSE 1 02-12-2006 03:35 PM
How to port forward with IPTABLES... Scrag Linux - Security 6 12-13-2004 05:57 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 03:06 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration