On Fri, Feb 16, 2001 at 04:55:53PM +1100, Chris Stokes wrote:
> Echo 1 > /proc/sys/net/ipv4/ip_forward
> Ipchains -F
> Ipchains -P input accept
> Ipchains -P forward accept
> Ipchains -P output accept
> Ipchains -A forward -i eth1 -s 192.168.0.0/24 -j MASQ
> Ipmasqadm portfw -f
> Ipmasqadm portfw -a -P tcp -L 200.1.1.1 80 -R 192.168.0.175 80
It looks OK to me, as long as eth0 is 192.168.0.x and eth1 is 200.1.1.1
You should be able to telnet from 192.168.0.175 to 200.1.1.2, and
200.1.1.2 should think that 200.1.1.1 is telneting to it. If this
test works, then your portfw rule should work also.
ie port forwarding works by reverse masquerading.
Another way to do it is using mfw.
ipchains -I input -p tcp -d 200.1.1.1 80 -m 1 -i eth1
ipmasqadm mfw -A -m 1 -r 192.168.0.175
--
chesty
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
