Seth Wegner wrote:
> I have a limited gateway that can only hold a few port forward
> entries. I have a Debian sarge box on my internal network. I have no
> DMZ. I would like to forward a range of ports from the gateway to the
> Debian box (say 5900-5999) and then forward those ports to various
> users on the network so they can use UltraVNC Single Click, in order
> to work around the limitation of the gateway. I would eventually like
> to replace the gateway with a Debian box, but I thought I'd learn more
> about how this works first. I think I'm missing a fundamental concept
> around the traffic coming in and going out on the same network.

You may want to see if your gateway can specify a DMZ host. That way all
packets are automatically directed to Debian and you use Debian to
control everything.
Joshua D. Drake

> I tried forwarding one port to the Debian box, then telling the Debian
> box to forward to a workstation with the following commands, trying to
> UltraVNC Single Click connect from outside (a dial-up connection) to
> the listening workstation after each command. The traffic was never
> seen on the workstation.
>
> $iptables -A FORWARD -i eth0 -o eth0 -p tcp --dport 5904 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
>
> $iptables -A PREROUTING -t nat -p tcp -d [ip of debian box] --dport 5904 -m state --state NEW,ESTABLISHED,RELATED -j DNAT --to [ip of workstation]:5904

_______________________________________________
PDXLUG (a Portland Linux user group) mailing list
[email protected]
http://lists.pdxlug.org/mailman/listinfo/pdxlug
IRC: irc.freenode.net #pdxlug & #orlug
--
=== The PostgreSQL Company: Command Prompt, Inc. ===
Sales/Support: +1.503.667.4564 || 24x7/Emergency: +1.800.492.2240
Providing the most comprehensive PostgreSQL solutions since 1997
http://www.commandprompt.com/
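
The relay described in the quoted message, written out as an added example that is not part of the original thread: a dry-run generator that prints the per-workstation rules for the 5900-5999 block on a one-interface relay. The addresses, the map format and the `emit_rules` name are constructed, and the ip_forward and source NAT lines rest on assumptions stated in the comments.

```shell
#!/bin/sh
# Added example: prints (never runs) the rules for relaying VNC ports through
# a Linux box that has a single interface. All addresses are constructed.
IFACE=eth0             # one interface carries traffic in and out, as in the post
RELAY_IP=192.0.2.10    # assumed address of the Debian relay
LOW=5900; HIGH=5999    # the only ports the relay is allowed to pass on

# emit_rules: reads "port workstation-ip" pairs on stdin, prints the commands.
emit_rules() {
    # Assumption: forwarding is off by default; while it is off, no relayed
    # packet ever reaches a workstation.
    echo "sysctl -w net.ipv4.ip_forward=1"
    echo "iptables -A FORWARD -i $IFACE -o $IFACE -m state --state ESTABLISHED,RELATED -j ACCEPT"
    while read -r port host; do
        case "$port" in ''|\#*) continue ;; esac          # blank line or comment
        # Digits and dots only, so no shell metacharacter reaches the output.
        case "$port" in *[!0-9]*) echo "rejected: $port $host" >&2; continue ;; esac
        case "$host" in ''|*[!0-9.]*) echo "rejected: $port $host" >&2; continue ;; esac
        if [ "$port" -lt "$LOW" ] || [ "$port" -gt "$HIGH" ]; then
            echo "rejected: $port outside $LOW-$HIGH" >&2; continue
        fi
        # Rewrite the destination from the relay to the workstation.
        echo "iptables -t nat -A PREROUTING -i $IFACE -p tcp -d $RELAY_IP --dport $port -j DNAT --to-destination $host:$port"
        # Admit new connections for exactly this host and port.
        echo "iptables -A FORWARD -i $IFACE -o $IFACE -p tcp -d $host --dport $port -m state --state NEW -j ACCEPT"
        # Assumption: the workstation's default route is the gateway, not the
        # relay. Source NAT makes its replies come back through the relay.
        echo "iptables -t nat -A POSTROUTING -o $IFACE -p tcp -d $host --dport $port -j SNAT --to-source $RELAY_IP"
    done
}

# Constructed sample map; the last two lines are rejected.
emit_rules <<'EOF'
# port  workstation
5904 192.0.2.54
5905 192.0.2.55
22 192.0.2.54
5906 192.0.2.56;reboot
EOF
```

With the SNAT rule in place every relayed session reaches the workstation with the relay's address as its source, so the relay's own connection tracking or logs are the only record of the outside peer.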