[Firehol-support] port-forwarding and/or one-to-one nat setup (configuration)

Daniel Goering g_daniel at gmx.net
Tue Oct 13 13:55:23 BST 2009


Have a look here:
	http://firehol.sourceforge.net/commands.html?#nat
Example:
dnat to 192.168.0.101 inface "ppp+" proto tcp dport 20000:20099

will redirect all incoming tcp traffic from ppp interfaces on ports
20000 to 20099 to the local machine 192.168.0.101

additionally to changing the destination you need to allow the routing
of these packages

router portFwds inface "ppp+" outface eth0
	protection strong
	route custom my_forwards "tcp/20000:20099" default accept dst 192.168.0.101

Cheers
	Daniel


R E Gomez wrote:
> 
> 
> I’ve been looking for a configuration example (a simple one) for me to
> use on my home firewall currently running firehol.  Anyone know where I can find a good sample
> for a semi-easy configuration?  If I
> could find a configuration or two that matches my environment (really shouldn’t
> be THAT hard to find!):
> 
>  
> 
> -         
> Two NICs (eth0>out, Eth1>in): got it, this is working
> 
> -         
> Firewall has public IP and I’m masquerading (using a private address on
> my inside network): got it, this is working
> 
> -         
> Have one of my inside computers (let’s say 10.2.2.55) servicing ports
> 8551 and 8552)…  I need to setup a rule
> that lets outside machines (public) talk to my firewall through those ports and
> go all the way to my private machine, since it’s this one the one with the
> services on UDP port 8551 and 8552 (back and forth communication).  
> 
>  
> 
> I’ve seen posts about dnat, but I’m unsure of how to use this and also
> what the difference is between it and snat and just nat.  Do I run this as a service?, a route
> rule?  will I have to include a rule for outside coming in as well as a rule for inside going out?  I’m lost!
> 
>  
> 
> Please help!
> 
>  		 	   		  
> _________________________________________________________________
> Hotmail: Free, trusted and rich email service.
> http://clk.atdmt.com/GBL/go/171222984/direct/01/
> 
> 
> ------------------------------------------------------------------------
> 
> ------------------------------------------------------------------------------
> Come build with us! The BlackBerry(R) Developer Conference in SF, CA
> is the only developer event you need to attend this year. Jumpstart your
> developing skills, take BlackBerry mobile applications to market and stay 
> ahead of the curve. Join us from November 9 - 12, 2009. Register now!
> http://p.sf.net/sfu/devconference
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Firehol-support mailing list
> Firehol-support at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/firehol-support

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <http://lists.firehol.org/pipermail/firehol-support/attachments/20091013/cc9bf36f/attachment-0001.sig>


More information about the Firehol-support mailing list