Portforwarding with ipchains on 2.4 kernel

#1
06-27-2003
Mogens Valentin
Portforwarding with ipchains on 2.4 kernel

I need to portforward from the internet to a host behind a Linux
firewall using ipchains. Yes, iptables is preferred, but...

Ascii art:
internet---router------linuxfirewall------host
10.0.0.2 10.10.0.1 10.10.0.10
On the linuxfirewall, I have a virtual if, eth0:1, with IP 10.0.0.9 .
The router already does a 1:1 nat which works.

Of course, I'll need firewall rules allowing needed traffic from
10.0.0.9 to 10.10.0.10 . Those are in place, AFAIC.

Using ipchains, I guess I'll need ipmasqadm with something like:
ipmasqadm portforward -a -p tcp -l 10.0.0.9 port -r 10.10.0.10 port

Problem is, it seems I do not have ipmasqadm on the system. I may be
missing something in the kernel setup, or need an external package.

Recommendations...?

Regards, /m

#2
06-27-2003
Mogens Valentin
Re: Portforwarding with ipchains on 2.4 kernel

Mogens Valentin wrote:
> I need to portforward from the internet to a host behind a Linux
> firewall using ipchains. Yes, iptables is preferred, but...
>
> Ascii art:
> internet---router------linuxfirewall------host
> 10.0.0.2 10.10.0.1 10.10.0.10
> On the linuxfirewall, I have a virtual if, eth0:1, with IP 10.0.0.9 .
> The router already does a 1:1 nat which works.
>
> Of course, I'll need firewall rules allowing needed traffic from 10.0.0.9
> to 10.10.0.10 . Those are in place, AFAIC.
>
> Using ipchains, I guess I'll need ipmasqadm with something like:
> ipmasqadm portforward -a -p tcp -l 10.0.0.9 port -r 10.10.0.10 port
>
> Problem is, it seems I do not have ipmasqadm on the system. I may be
> missing something in the kernel setup, or need an external package.


Well, I tried to use ipmasqadm.0.4.2-4.rpm, which I downloaded from
ftp.redhat.com/pub/contrib/i386 .
rpm -i --test didn't protest, so I installed it.

I got some errors when executing above ipmasqadm portfw jadijadi...
ipmasqadm portfw -l produced these errors:
Could not open "/proc/net/ip_masq/portfw"
Could not open "/proc/net/ip_portfw"

Needless to say that the ipmasqadm package has not been adapted for
use with the changed /proc structure in 2.4 kernels.

Guess I'll have to rebuild the kernel for pure iptables support, and
rewrite ipchains rules for iptables.

I'd still like comments, if anyone has managed to make ipmasqadm or
other 1:1 nat technique work with ipchains on a 2.4 kernel.

Have a nice weekend,
/m
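
For reference, the iptables form of the `ipmasqadm portforward` line from the posts above, as an added example that is not part of the original thread: the hypothetical helper `portfw_rules` validates its arguments and prints a DNAT rule plus FORWARD rules limited to that one flow, without applying anything. Port 80 is a constructed sample value (the posts leave the port unspecified); the example assumes the `state` match is available and IP forwarding is enabled.

```shell
#!/bin/sh
# Added example (not from the thread): iptables equivalent of
#   ipmasqadm portforward -a -p PROTO -l LISTEN_IP PORT -r TARGET_IP PORT
# Rules are printed, not applied, so they can be reviewed before running as root.

valid_ipv4() {
    # Digits and dots only, no trailing dot; then four octets, each 0..255.
    case $1 in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

valid_port() {
    # Numeric, at most five digits, within 1..65535.
    case $1 in ''|*[!0-9]*|??????*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# portfw_rules PROTO LISTEN_IP TARGET_IP LISTEN_PORT [TARGET_PORT]
portfw_rules() {
    proto=$1 listen_ip=$2 target_ip=$3 lport=$4 rport=${5:-$4}
    case $proto in
        tcp|udp) ;;
        *) echo "bad protocol: $proto" >&2; return 1 ;;
    esac
    valid_ipv4 "$listen_ip" && valid_ipv4 "$target_ip" ||
        { echo "bad IPv4 address" >&2; return 1; }
    valid_port "$lport" && valid_port "$rport" ||
        { echo "bad port" >&2; return 1; }

    # Rewrite the destination before the routing decision is made.
    echo "iptables -t nat -A PREROUTING -p $proto -d $listen_ip --dport $lport -j DNAT --to-destination $target_ip:$rport"
    # Forward only this flow: new connections inbound to the one service ...
    echo "iptables -A FORWARD -p $proto -d $target_ip --dport $rport -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT"
    # ... and only reply traffic back out from it.
    echo "iptables -A FORWARD -p $proto -s $target_ip --sport $rport -m state --state ESTABLISHED,RELATED -j ACCEPT"
}

# Addresses from the thread; port 80 is a constructed sample value.
portfw_rules tcp 10.0.0.9 10.10.0.10 80
```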
