Euhm, I guess I didn't explain well enough. The service that I want to reach
is on a server that is out 'there' on the Internet at a service provider, and
I want to reach the server. It is a bit like a site to administer a
RAQserver or so. The good thing is that I know on what server, thus IP,
this is running, so I can only open my firewall for that specific IP. So, my
boxes behind my firewall (private area) would like to access this one public
server on port 500.
I hope this was more clear,
thanks a lot for the info already
Bruno
----- Original Message -----
From: "David Ranch" <[EMAIL PROTECTED]>
To: "Bruno Waes" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Sunday, September 10, 2000 11:07 PM
Subject: Re: [Masq] server administration port 500
>
> >I want my boxes that are behind my firewall to be able to reach one machine,
> >let's say 100.90.80.70 on port 500. It is for a secured website based server
> >configuration system.
> >What do I have to add to my firewall script? For the moment I am using the
> >TrinityOS script.
>
> First, it depends on what kind of access you are looking for. Ideally
> in the name of security, you shouldn't allow the entire Internet but
> only a few IP addresses.
>
> If you can restrict it down to a few IPs
> ----------------------------------------
> First un-# out one or more SECUREHOST variables and put in your
> desired IPs. Next, un-# out the respective SECUREHOST lines in
> both the INPUT and OUTPUT sections and make sure that you edit
> the line to allow IN and then OUT port 500. Now jump to the
> PORTFW section below in this email.
>
> If you want to allow the Internet to access port 500
> ----------------------------------------------------
> You need to copy an existing example such as the "HTTP Server" blocks
> in both the INPUT and OUTPUT section and replace port 80 with port
> 500 (assuming this new traffic is TCP).
>
> Setting up PORTFW
> -----------------
> Next, towards the top of the TrinityOS ruleset, you need to
> un-# a PORTFWIP variable and put in the IP address of the
> internal server you want to contact on port 500. Now,
> you need to go to the PORTFW section of TrinityOS (almost
> at the very end) and un-# out the line for the PORTFW
> variable you just enabled. Don't forget to update the
> ports in this PORTFW line to be port 500 and 500, whereas
> the example uses 26 and 22.
>
> That's it.. re-run the firewall and you should be good to
> go.
>
> Now that I think of it, I think I'll add this to the
> TrinityOS FAQ.
>
> --David
>
> .----------------------------------------------------------------------------.
> | David A. Ranch - Linux/Networking/PC hardware            [EMAIL PROTECTED] |
> `----- For more detailed info, see http://www.ecst.csuchico.edu/~dranch -----'