/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
Jan Stifter wrote:
> On Tue, 31 Oct 2000 18:31:18 +1100, raf <[EMAIL PROTECTED]> wrote:
>
> >the problem is that this only works when the destination address that
> >you are rewriting is the/one-of-the address(es) of the firewall/masquerading
> >host. that's not what you're doing.
>
> ah, many thanks for giving light into darkness! i already gave up, but
> did not know, why it did not work.
>
> >some options in no particular order are:
> >
> >(4) put a proxy program on the dmz host to forward the packets
> >appropriately.
>
> this would be nice, also for logging the current exploit. do you have
> any links, where i could find such a forward tool?
> it should be very stable and very simple...
socks can probably do it. the tis internet firewall toolkit
can almost certainly do it (they have a generic tcp proxy).
www.tis.com/fwtk/
> >(7) try redir - not as efficient as kernel methods but might do what
> >you want.
>
> do you know, just out of your mind, what i would need for redir? is it
> a module or a user space programm ?
it's a user space program. shouldn't be hard to find.
> many thanks to you, raf. i almost lost my mind by reconfiguring my
> firewall at least 20 times, sniffing around with tcpdump, ... and
> hearing the complaints of some customers, that they can not reach
> their #!"@@# m$-outlook anymore.
no worries. i hope the pain subsides :)
raf
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
