[Firehol-support] DNAT with port redirection?
Costa Tsaousis
costa at tsaousis.gr
Fri Sep 19 00:15:52 BST 2003
Hi jeff,
Assuming that you want to redirect port 81 of 1.1.1.1 (public IP of fw on
ppp0) to server 10.0.0.2 on port 80 (protocol tcp), use this:
dnat to 10.0.0.2:80 inface ppp0 dst 1.1.1.1 proto tcp dport 81
Then you have to have a router like this (I assume that fw is connected to
sv with fw's eth0):
router myrouter inface ppp0 outface eth0
server http accept
Of course I used the http service for matching tcp/80 (forget port 81
after the dnat).
If the service is unknown define this at the top:
server_myserver_ports="tcp/80"
client_myserver_ports="any"
and then in the router:
server myserver accept
Costa
> Hello,
>
> I'm trying out firehol, and it looks like a great tool. The only issue
> I'm
> having is: the firewall (fw) provides a service on port X (the service's
> standard port), and another machine (sv) provides the same service (again
> on
> the standard port) on the internal network. I need to make sv's service
> available on the internet side of the firewalll on a non-standard port
> (port
> Y). I've read the docs, but I just can't seem to figure out how to do it.
>
> Jeff
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Firehol-support mailing list
> Firehol-support at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/firehol-support
>
More information about the Firehol-support
mailing list