[Firehol-support] DNAT with port redirection?

Costa Tsaousis costa at tsaousis.gr
Fri Sep 19 00:15:52 BST 2003

Hi jeff,

Assuming that you want to redirect port 81 of (public IP of fw on
ppp0) to server on port 80 (protocol tcp), use this:

dnat to inface ppp0 dst proto tcp dport 81

Then you have to have a router like this (I assume that fw is connected to
sv with fw's eth0):

router myrouter inface ppp0 outface eth0

   server http accept

Of course I used the http service for matching tcp/80 (forget port 81
after the dnat).

If the service is unknown define this at the top:


and then in the router:

   server myserver accept


> Hello,
> 	I'm trying out firehol, and it looks like a great tool.  The only issue
> I'm
> having is:  the firewall (fw) provides a service on port X (the service's
> standard port), and another machine (sv) provides the same service (again
> on
> the standard port) on the internal network.  I need to make sv's service
> available on the internet side of the firewalll on a non-standard port
> (port
> Y).  I've read the docs, but I just can't seem to figure out how to do it.
> Jeff
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Firehol-support mailing list
> Firehol-support at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/firehol-support

More information about the Firehol-support mailing list