Steve Shrader <[EMAIL PROTECTED]> wrote:
>
> On the firewall I have set up testing rules of
> ipchains -F forward
> ipchains -P forward ACCEPT
There is no masquerading specified here at all.
> With the above entries, from the outside network I can pull up the web
> server on the firewall. However when I add the portfw command
> "ipmasqadm portfw -a -P tcp -L 216.37.28.196 80 -R 192.168.1.202 80"
> and telnet 216.37.28.196 80 the session hangs at "Trying
> 216.37.28.196..." and after several minutes "telnet: Unable to
> connect to remote host: Connection timed out"
Two things:
1. Are you testing from inside your local LAN? This will always fail,
because the kernel will notice that the packets come in one
interface, and then attempt to leave via the *same* interface.
That is not a valid forwarding method, so the kernel drops it.
2. Port-forwarding requires a masquerade entry to be found in the
forward ruleset, so that it can determine what sort of masq tunnel
needs to be set up. Since you have no masq rules in your forward
rules, the kernel cannot determine what masquerading it must perform
on the connection. Thus it fails.
> How do I check to see what was compiled into the kernel?
The /usr/src/linux/.config file contains the kernel configuration.
Assuming that you built the kernel yourself.
> Are there any log files I am missing that would help me?
Where does /etc/syslog.conf put the log file information?
--
[EMAIL PROTECTED] (Fuzzy Fox) || "Nothing takes the taste out of peanut
sometimes known as David DeSimone || butter quite like unrequited love."
http://www.dallas.net/~fox/ || -- Charlie Brown
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]
