[Firehol-support] Special Rule to redirect to an internal server on different port

Costa Tsaousis costa at tsaousis.gr
Mon Apr 21 19:47:32 BST 2008


Les Stott wrote:
> Hi,
>
> How would I achieve the following...
>
> InternalServer=192.168.1.103 , runs rdp on port 3389
> InternalServer2=192.168.101 , runs rdp on port 3389
>
> Firewall=192.168.1.254
>
> I want to enable direct access to rdp ports on both servers. Not my
> decision, my client wants this.
>
> Obviously I can have 3389 dnat'ed through for one, direct to 3389.
>
> dnat to $InternalServer inface ppp+ proto tcp dport 3389
>
> router fileserver dst $InternalServer inface "ppp+"
>         server rdp accept
>
> This works fine.
>
>
> But how can I also do rdp to $InternalServer on 3389? i.e. access from
> outside to <externalip>:3388 redirected to $InternalServer2:3389. Is it
> possible?
>
> Normally I would just change the internal server to run rdp on 3388, but
> my client doesn't want to do that.
>
> The only other way I know would be to use rinetd on the firewall, which
> would work, but if I can do it all in firehol I'd be happy.
>
> Hope that makes sense,
>
> TIA
>
> Les
>   
This will do the trick:

dnat to $InternalServer2:3389 inface ppp+ proto tcp dport 3388

router fileserver dst "$InternalServer $InternalServer2" inface "ppp+"
        server rdp accept

Costa
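
The two rules from this thread combined into one firehol.conf fragment, as an added example that is not part of the original messages. It assumes a placeholder address for InternalServer2 and a hypothetical RDPClients list (documentation address ranges) that limits which outside sources may reach the forwarded ports, using FireHOL's optional src parameter.

```firehol
# InternalServer is the address given in the thread.
InternalServer=192.168.1.103

# Assumption: constructed placeholder, substitute the real address of the
# second RDP server.
InternalServer2=192.168.1.101

# Assumption: hypothetical list of outside addresses allowed to use RDP
# (documentation ranges, constructed for this example).
RDPClients="198.51.100.0/24 203.0.113.10"

# NAT is applied before routing and filtering.
# External port 3389 goes to the first server, port unchanged.
dnat to $InternalServer inface ppp+ src "$RDPClients" proto tcp dport 3389

# External port 3388 goes to the second server and is rewritten to 3389.
dnat to $InternalServer2:3389 inface ppp+ src "$RDPClients" proto tcp dport 3388

# The router filters packets after DNAT, so it sees the internal
# destination address and port 3389 for both connections. One
# "server rdp" statement covers both servers; no rule for 3388 is needed.
router fileserver dst "$InternalServer $InternalServer2" inface "ppp+" src "$RDPClients"
        server rdp accept
```

Dropping the src parameters gives the rules exactly as posted, reachable from any address arriving on ppp+.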



