[Firehol-support] Re: Redirecting ports to other computers

Daniel Pittman daniel at rimspace.net
Fri Jan 28 23:56:04 GMT 2005

On 28 Jan 2005, Francis Brosnan Blazquez wrote:
> First of all, I must to congratulate for this powerful and easy to use
> software, that is, firehol. 
> Anyway, I have found (or it seems to me) that firehol doesn't support to
> redirect ports to an outside direction, I mean, if you want to redirect
> incoming connections to the firewall and nat them to other machine but
> also rewriting the destination port.
> A concrete scenario is follows: a have two boxes behind a firewall
> (running firehol ;-) and I need to allow incoming connections to, for
> example, port 2222 and enroute this connection to port 22.
> Finally, what I have done, is to use redir software, configuring it to
> accept incoming connection to tcp port 2222 and enroute them to tcp port
> 22 inside the local network.
> Is there any way to support this by using only firehol or using redir is
> a acceptable solution?.

Well, you can always write something like:

   iptables -p tcp -dport 2222 ...

That allows you to integrate a raw iptables command into the firehol
infrastructure.  Don't prefix the 'iptables' bit, though -- that is a
function that simply passes its arguments into the final firewall

If you were happy all the time, you wouldn't be human.
You'd be a game-show host.
        -- Veronica, _Heathers_

More information about the Firehol-support mailing list