/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
Craig Williams wrote:
> Right, firstly, I have read every FAQ and HOWTO regarding this subject and
> couldn't find
> any answers to my questions - hopefully I never overlooked anything ;-)
>
>
>
> Problem: I wish for people on the internet to be able to see my internal
> webserver which has a 192.168.1.X
> address -
>
>
> Setup: Slackware 7.1, kernel 2.2.16 - compiled with support for all network
> types including chains,portfw,mfw.
>
> NIC Setup: One network card for testing purposes, with multiple IP's eth0 /
> eth0:1 / eth0:2 / eth0:3
>
> I know certain things won't work with the above because you can't specify an
> aliased Interface but with the below you simply specify an IP to listen on.
>
> IPChains works perfectly so, no problem there.
>
> I tried port redirection using "ipmasqadm portfw", the software sets up the
> rules but no forwarding takes place. If you try surf to the website it just
> times out.
>
> I tried mark forwarding using "ipmasqadm mfw" and "ipchains to mark", this
> had exactly the same result.
>
> Forwarding is enabled :)
>
> Anyone have any ideas ?
a prerequisite for portfw is masquerading in the other (outward) direction.
i think this is only mentioned in the ipmasqadm manpage but i could be wrong.
have you done this?
i.e.
ipchains -P forward DENY
ipchains -A forward -s 192.168.1.X/32 -j MASQ
(replace the /32 with /24 or something if you want internal hosts
on that lan masqueraded for outgoing connections).
raf
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
