[Firehol-support] Re: Redirecting ports to other computers

Daniel Pittman daniel at rimspace.net
Fri Jan 28 23:56:04 GMT 2005


On 28 Jan 2005, Francis Brosnan Blazquez wrote:
> First of all, I must congratulate you on this powerful and easy to use
> software, that is, firehol. 
>
> Anyway, I have found (or it seems to me) that firehol doesn't support
> redirecting ports to an outside direction, I mean, if you want to redirect
> incoming connections to the firewall and nat them to another machine but
> also rewriting the destination port.
>
> A concrete scenario is as follows: I have two boxes behind a firewall
> (running firehol ;-) and I need to allow incoming connections to, for
> example, port 2222 and route this connection to port 22.
>
> Finally, what I have done, is to use redir software, configuring it to
> accept incoming connections to tcp port 2222 and route them to tcp port
> 22 inside the local network.
>
> Is there any way to support this by using only firehol or is using redir
> an acceptable solution?

Well, you can always write something like:

   iptables -p tcp --dport 2222 ...

That allows you to integrate a raw iptables command into the firehol
infrastructure.  Don't prefix the 'iptables' bit, though -- that is a
function that simply passes its arguments into the final firewall
script.

        Daniel
-- 
If you were happy all the time, you wouldn't be human.
You'd be a game-show host.
        -- Veronica, _Heathers_
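
An added example, not part of the original message or of FireHOL: a shell function that validates its arguments and prints the two iptables rules a 2222-to-22 redirect needs, a DNAT rule in the nat table and a FORWARD rule that matches the already rewritten port. The internal address 192.168.1.10 and the function names are assumptions.

```shell
#!/bin/sh
# Added example: prints (does not apply) the rules for a TCP port redirect.

valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;   # empty, leading zero, or non-digit
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # only digits and single dots
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                  # split into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# emit_port_forward EXT_PORT DEST_IP DEST_PORT  (hypothetical helper name)
emit_port_forward() {
    ext_port=$1 dest_ip=$2 dest_port=$3
    valid_port "$ext_port"  || { echo "bad external port: $ext_port" >&2; return 1; }
    valid_ipv4 "$dest_ip"   || { echo "bad destination address: $dest_ip" >&2; return 1; }
    valid_port "$dest_port" || { echo "bad destination port: $dest_port" >&2; return 1; }

    # nat table: rewrite destination address and port before the routing decision
    echo "iptables -t nat -A PREROUTING -p tcp --dport $ext_port -j DNAT --to-destination $dest_ip:$dest_port"
    # filter table: the packet is already rewritten when it reaches FORWARD,
    # so the rule matches the internal port, not the external one
    echo "iptables -A FORWARD -p tcp -d $dest_ip --dport $dest_port -j ACCEPT"
}

# The scenario from the thread; 192.168.1.10 is an assumed internal host
emit_port_forward 2222 192.168.1.10 22
```

In firehol.conf the printed lines can be used as they are, since, as the reply says, `iptables` there is a function that passes its arguments into the final firewall script.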
