Thanks Marty,
When you said it was really easy I thought "sure sure" but that
was amazingly easy to setup and write out rules for, installed and
configured in about 3 mins and that's including downloading and reading the
README and man file. From reading through the man file, and could not find
any mention of how it interacts with other software such as ipfwadm or
ipchains. What happens if you deny something in one program and then allow
it in the other? Does it let it through or does the program that is denying
the particular connection stop it when it is it's turn to filter the
packets? I only ask because easy to install usually means easy to circumvent.
Terry, I'd checked the slug archives already and couldn't find any articles
that addressed this problem (just lots of hits on articles saying "you
could use ipfwadm"). Thanks anyway.
Paul
At 12:36 AM 20/02/2001 +1100, you wrote:
>Hi Paul,
>
>Have you met rinetd? Its a really easy way of portforwarding without using
>ipfw or ipchains. I have a copy available for download at
>www.netwaynetworks.com.au/files/linux/rinetd_tar.tar
>
>Cheers,
>Marty
>
>
>On Monday, February 19, 2001 10:48 PM, Paul Robinson
>[SMTP:[EMAIL PROTECTED]] wrote:
> > Hi guys,
> > I've been trying to get my head around some old rulesets for ipfwadm
>as I
> > want to add the feature of forwarding everything sent to say 8088 on my
> > firewall to a particular machine inside my network 192.168.0.2
> >
> > What I've tried so far is the following:
> >
> > #Forward Web connections to your web server
> > /sbin/ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 8088 -D 192.168.0.2 80
> >
> > #Forward Web Connections to outside Web Server
> > /sbin/ipfwadm -F -a accept -b -P tcp -S 192.168.0.2 80 -D 0.0.0.0/0
>1024:65535
> >
> >
> > I've also tried it with mas in place of accept to no avail. It's been
>close
> > to 2 years since I've had to mess with this and the tucows howto's (what
> > used to be linux-HOWTO) don't seem to have the howto for it anymore.
> >
> > can anyone write out the rules required for this action or point me in the
>
> > direction of any good faq's/howto's.
> >
> > nb. I'd rather not install ipchains atm as it would mean rewriting all my
> > current rules (unless it's a snap on a 2.0.36 kernel)
> >
> > Thanks,
> > Paul
> >
> >
> > --
> > SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
> > More Info: http://slug.org.au/lists/listinfo/slug
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
