RE: [plug] redir httpd service

Wed, 12 Apr 2000 19:13:40 -0700 

> -----Original Message-----
> From: Horatio B. Bogbindero [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 13, 2000 8:14 AM
> To: '[EMAIL PROTECTED]'
> Subject: RE: [plug] redir httpd service
> 
> 
> > > 
> > > i tried the following lines for ipmasqadm
> > > 
> > > ipmasqadm portfw -a -P tcp -L 10.0.0.1 9999 -R 10.0.0.2 8840
> > > 
> > > i do a ipmasqadm portfw -l and i find the entry for this 
> rule. but it
> > > seems to not work pa rin.
> > > 
> > > what i want to do is whenever somebody accesses with his 
> web browser
> > > to http://10.0.0.1:9999. he is actually accessing 
http://10.0.0.2:8840?
> 
> Check the following things below:
> 
> 1. Make sure that your kernel is compiled with ip portforwarding,
> masquerading.
yup. this is pretty certain because this is a firewall and masq box.

> 2. Check your 10.0.0.2 machine to see if it's really listening on port
8840
yup. i have a httpd server running at that port.

> 3. The 10.0.0.2 machine should have the gateway set to 10.0.0.1
this is pretty sure too.

> 4. Issue ping from the 10.0.0.2 machine. Make sure that 10.0.0.2 can ping
> networks beyond 10.0.0.1
yup.

> 5. Make sure that you have input & output chains for your external
interface
> set to 9999 or else, request will be rejected.
what do you mean? i think i did not set this. are you talking about
ipchains -A forward -s 10.0.0.2/32 -j MASQ? --> set this already for masq.

> 6. Can you please do a ipmasqadm portfw -l -n and paste it here
> 
>prot localaddr            rediraddr               lport    rport  pcnt
pref
>UDP  10.0.0.1             10.0.0.2                 9999     8840    10
10
>TCP  10.0.0.1             10.0.0.2                 9999     8840    10
10

>this looks fine to me. i will try orly's suggestion first. it might just
>work.

Yes, Orly is right. It will not work if you are on the same network. The
request should be coming from another subnet connected to 10.0.0.1. Here is
my setup

internet-------isp--------router-----linux eth0 @200.1.1.1
                                           eth1 @192.168.1.1 ----------http
server
 
@192.168.1.2
ipmasqadm portfw -a -P tcp -L 200.1.1.1 80 -R 192.168.1.2 80
ipmasqadm portfw -a -P udp -L 200.1.1.1 80 -R 192.168.1.2 80

hope this config will help you



-
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]

Reply via email to