Thomas Morin wrote: > > -. Chad Thompson (2001-07-23) : > | > | Hmmm... Both firewalls (the one on my side and the one at the VPN host > | site) , use IPCHAINS. It seems that I can allow the protocol 57 traffic > | through my firewall on the client side, but when I try below on the VPN > | host side: > | > | ipmasqadm portfw -a -P 57 -L $IPADDR -R 10.2.0.2 > > I don't know SKIP, I don't know if it has ports. But here I really > believe you are trying to do 'port forwaring' on a protocol for which > ipchains doesn't know 'ports'. > > | I get a 'portfw: invalid protocol specified' ..... Is there a > | different way to do this? Please don't tell me I need to upgrade > | kernels to 2.4.x now.... :) > > You can achieve NAT, by using 'ip rules', and 'ip route' from the > 'iproute2' package, but you'd really use iptables' NAT here, it's *far* > easier.
Does anybody know anything about autofw/IPAUTOFW? I think that is what I would need to use to forward protocol 57. How do you forward protocol 50 or 51 if the kernel is not aware of it? 'ip rules' and 'ip route' look very complicated...:) Thanks, Chad . . . ............... Chad A. Thompson Network Administrator Macristy Industries [EMAIL PROTECTED] 860.225.4637
