> No ideas?

Sorry...been busy w/XMas stuff.

> "Michael D. Schleif" wrote:
> >
> > I'm not sure where the problem is.  Here are the facts:
> >
> > external interface
> >         wan1
> >         a.b.C.157
> >         a.b.C.156/30 -- public
> >         proxy_arp=yes
> >
> > internal interface
> >         eth0
> >         192.168.1.254
> >         192.168.1.0/24 -- private
> >         proxy_arp=no
> >
> > dmz interface
> >         eth1
> >         a.b.D.65
> >         a.b.D.64/26 -- public
> >         proxy_arp=yes
> >
> > How can we port forward this?
> >         tcp internet:55631 -> 192.168.1.20:5631
> >         udp internet:55632 -> 192.168.1.20:5632
> >
> > We've tried:
> >         tcp_${EXTERN_IP}_55631_${PAM}_5631
> >         udp_${EXTERN_IP}_55632_${PAM}_5632
> >
> > However, this results:
> > # ipchains -nvL | grep 563
> >    0   0 MASQ   tcp  ------ 0xFF 0x00  *   192.168.1.20   0.0.0.0/0   5631 -> *
> >    0   0 MASQ   udp  ------ 0xFF 0x00  *   192.168.1.20   0.0.0.0/0   5632 -> *

With what variable?  I use the following to forward tftp and ssh (on port
221) to an internal system:

INTERN_SERVERS="udp_${EXTERN_IP}_tftp_10.28.18.33_tftp
                tcp_${EXTERN_IP}_221_10.28.18.33_22"

In your case, you need (assuming PAM=<internal IP>):
INTERN_SERVERS="tcp_${EXTERN_IP}_55631_${PAM}_5631
    udp_${EXTERN_IP}_55632_${PAM}_5632"

You shouldn't need to open the ports...being "high" ports, they should
already be open for inbound connections.

Charles Steinkuehler
http://lrp.steinkuehler.net
http://c0wz.steinkuehler.net (lrp.c0wz.com mirror)



_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
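
A pre-flight check for entries of the kind shown in the reply above, as an added example that is not part of the original message or of the LEAF/LRP scripts. It assumes the field layout `proto_extip_extport_intip_intport` inferred from those entries; the helper names are hypothetical, and 192.0.2.1 is a constructed stand-in for EXTERN_IP. It catches the case where a variable such as PAM expands to nothing.

```shell
# Added example (not from the LEAF/LRP scripts). Assumed entry layout, inferred
# from the entries in this message: proto_extip_extport_intip_intport
valid_ipv4() {
    case "$1" in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in ????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

valid_port() {   # number 1-65535, or a service name such as "tftp"
    case "$1" in
        ''|*[!A-Za-z0-9-]*) return 1 ;;
        *[!0-9]*) return 0 ;;   # service name, left for the firewall script to resolve
    esac
    [ ${#1} -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Prints "proto extip extport intip intport", or returns 1 if malformed.
parse_forward() {
    case "$1" in *_) return 1 ;; esac      # a trailing "_" would hide an empty field
    old_ifs=$IFS; IFS=_; set -f; set -- $1; set +f; IFS=$old_ifs
    [ $# -eq 5 ] || return 1
    case "$1" in tcp|udp) ;; *) return 1 ;; esac
    valid_ipv4 "$2" && valid_port "$3" && valid_ipv4 "$4" && valid_port "$5" || return 1
    echo "$1 $2 $3 $4 $5"
}

# $1 = whitespace-separated entry list; returns 1 if any entry is malformed.
check_forwards() {
    bad=0
    set -f
    for entry in $1; do
        if fields=$(parse_forward "$entry"); then
            echo "ok:  $fields"
        else
            echo "BAD: $entry" >&2; bad=1
        fi
    done
    set +f
    return $bad
}

# Constructed sample: 192.0.2.1 stands in for EXTERN_IP; PAM left empty on purpose.
EXTERN_IP=192.0.2.1; PAM=
check_forwards "tcp_${EXTERN_IP}_55631_192.168.1.20_5631
                udp_${EXTERN_IP}_55632_${PAM}_5632" || echo "fix the BAD entries first"
```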
