/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! */
[EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>
> If you want the internal server to be accessible from the outside, try
> these lines in your script:
>
> ipchains -F forward
> ipcahins -P forward MASQ
Ugh! This is the worst advice I've seen given out on this list.
Nothing personal, but.. this is very bad. It means that, not only can
your internal LAN masquerade its way out, but.. anyone on the whole Net
can masquerade their way INTO your LAN! They'll end up pretending to
look like your masq box to internal systems!
Furthermore, the above is not needed at all to get port-forwarding to
work.
> Portfw only works when masqing is turned on for both directions.
Simply not true. If you didn't get it working before, there was
something else wrong. This wasn't the fix.
The port-forwarding code works by searching the forwarding rules for a
masq entry that will work in the opposite direction from the connection
being forwarded. So enabling masq in that direction won't help!
--
[EMAIL PROTECTED] (Fuzzy Fox) || "Nothing takes the taste out of peanut
sometimes known as David DeSimone || butter quite like unrequited love."
http://www.dallas.net/~fox/ || -- Charlie Brown
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
