If everyone is not bothered by anything contained in this FAQ,
I'll format it and submit it to the docmanager in the next day or two.
Thanks,
~Lynn
> ###### start of FAQ ############################
>
>
> Q. How do I port forward a service through my Dachstein firewall to
> the my internal network?
>
> A. There are four steps to port forwarding in Dachstein. They are as
> follows:
>
> 1) Edit /etc/modules and uncomment the "IP_masq_portfw" module.
> Save the file and exit. You may need to download this module
> and copy it to /lib/modules on your running LEAF system if you
> are using the floppy version.
>
> 2) Edit /etc/network.conf to open the desired external port you would
> like to to forward with one of the two available options:
>
> # TCP services open to outside world
> # Space separated list: srcip/mask_dstport
> EXTERN_TCP_PORTS="0/0_www"
>
> # -or-
>
> # Indexed list: "SrcAddr/Mask port [ DestAddr[/DestMask] ]"
> #EXTERN_TCP_PORT0="5.6.7.8 domain 1.1.1.12"
> EXTERN_TCP_PORT0="0/0 www"
>
>
> Use only one of these two forms of entry. If you use both, only the
> one you use first will have any effect. Whichever one appears second
> in the file will be disregarded. Be sure that the one you are not
> using is "commented out" with a "#" at the beginning of the line.
>
> You can use either the actual port number itself (for example, "80"),
> or you can use the symbolic name for the port that appears in the
> file /etc/services (in the same example, "www").
>
>
>
> 3) While you're editing /etc/network.conf, you will also need to
> specify the port forwarding itself. You do this with:
>
> # Uncomment following for port-forwarded internal services.
> # The following is an example of what should be put here.
> # Tuples are as follows:
> #
> <protocol>_<local-ip>_<local-port>_<remote-ip>_<remote-port>
> INTERN_SERVERS="tcp_${EXTERN_IP}_www_192.168.1.1_www"
>
> #-or-#
>
> # These lines use the primary external IP address...if you
> need to # port-forward
> # an aliased IP address, use the INTERN_SERVERS setting
> above #INTERN_FTP_SERVER=192.168.1.1 # Internal FTP server to make
> available INTERN_WWW_SERVER=192.168.1.1 # Internal WWW server to
> make available
>
> As with Step 2, you can use one of the options or the other of
> these options, but not both. I suggest using the first option, since
> all ports and addresses are explicitly stated and you can use
> different ports coming into and forwarded out of the firewall. It
> also allows more
> flexibility for using non-standard ports.
>
> I personally use port 81
> for my external web-services, but use port 80 on the internal
> network. The first syntax allows for forwarding the external port 81
> to the internal port 80 with a line like this:
>
> INTERN_SERVERS="tcp_${EXTERN_IP}_81_192.168.1.1_80"
>
> After you are finished with the configuration here, save the file
> and exit the editor.
>
>
>
> 4) You are now finished with all the configuration. You should now
> the "lrcfg" menu system (if you are not using it already) and
> choose the backup option. You will need to backup the "etc" and
> "modules" packages. After both of the packages are backed up, exit
> the menu system and reboot the Dachstein machine. Your new port
> forwarding setup should now be operational.
>
> ############# end of FAQ ####################################
--
~Lynn Avants
aka Guitarlynn
guitarlynn at users.sourceforge.net
http://leaf.sourceforge.net
If linux isn't the answer, you've probably got the wrong question!
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-devel
