[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: ipchains

From: "Leonard den Ottolander" <leonardjo hetnet nl>
To: redhat-install-list redhat com
Subject: Re: ipchains
Date: Wed, 18 Oct 2000 23:14:34 +0200

		Hi Kuokai and Carlo,

 Carlo wrote:

> In your firewall, try this:
> 
> # ipchains -A input -p tcp -s any/0 5989 -d 192.168.2.200 5989 -j ACCEPT
> # ipchains -A output -p tcp -s 192.168.2.200 5989 -d any/0 5989 -j ACCEPT

 I guess you forgot the forward rule.
 Just kidding ;-). You can't route local IP addresses over the internet, so 
this won't work (not to mention you forgot to specify an interface in the 
example). If you use a masquerading firewall all machines connecting from the 
internet think they speak to the firewall, not to specific machines on the 
LAN.
 Kuokai, I think you want to use a portforwarder like ipmasqadm with a portfw 
rule (see http://juanjox.kernelnotes.org/). I think you could try setting up a 
VPN as Luke suggested, but that might be overdone if you only want to forward 
a few ports to specific machines.

				Hope this helps,

				Leonard.

Follow-Ups:
- Re: ipchains
  - From: Kuokai Shyu

References:
- Re: ipchains
  - From: Luke C Gavel
- Re: ipchains
  - From: Carlo Aureus

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]