Re: [GnomeMeeting-list] IPCHAINS drudgery



Hi,

I think that IPCHAINS didn't support port forwarding...

Le sam 12/04/2003 à 12:40, AG a écrit :
> I'm running a legacy IPCHAINS FW and would like to configure it to
> portfwd the required ports for GM. The FW is a homemade LINUX gateway,
> running the 2.2.18 kernel. PMFirewall is my FW software.
> I only wish to pass packets to one machine on my private LAN.
> 
> The box supports NAT and I believe IP Translation too, but doesn't
> natively support H.323 or the other fancy Netmeeting protocols.  The
> machine has 484 days of uptime and I do not wish to shut it down and
> upgrade my Slack distro to setup IPTABLES just to get GM working ;)  
> 
> Could anyone help me with IPCHAINS translation equivalent of the
> IPTABLES solution below?  Hopefully, this will be a painless and simple
> process..
> 
> Thx in advance..
> 
> <-snip->
> IPTABLES=/usr/local/sbin/iptables
> OUT_DEV=eth0
> IN_HOST=192.168.1.12
> TCP_PORT_RANGE=30000:30010
> UDP_PORT_RANGE=5000:5003
> TCP_LISTENING_PORT=1720
> $IPTABLES -t nat -A POSTROUTING -o $OUT_DEV -j MASQUERADE
> $IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p tcp --dport $TCP_PORT_RANGE -j DNAT --to-dest $IN_HOST
> $IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p udp --dport $UDP_PORT_RANGE -j DNAT --to-dest $IN_HOST
> $IPTABLES -A FORWARD -p tcp -i $OUT_DEV --dport $TCP_PORT_RANGE -d $IN_HOST -j ACCEPT
> $IPTABLES -A FORWARD -p udp -i $OUT_DEV --dport $UDP_PORT_RANGE -d $IN_HOST -j ACCEPT
> $IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p tcp --dport $TCP_LISTENING_PORT -j DNAT --to-dest $IN_HOST
> $IPTABLES -A FORWARD -p tcp -i $OUT_DEV --dport $TCP_LISTENING_PORT -d $IN_HOST -j ACCEPT
> <-snip->
-- 
Damien Sandras <dsandras seconix com>




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]