SLUG Mailing List Archives - RE: [SLUG] ipfwadm

To: Marty Richards <marty@xxxxxxxxxxxxxxxxxxxxx>
Subject: RE: [SLUG] ipfwadm
From: Paul Robinson <p_d_robinson@xxxxxxxxxxxxxxxx>
Date: Tue Feb 20 07:27:01 2001
Cc: slug@xxxxxxxxxxx

Thanks Marty,

When you said it was really easy I thought "sure sure" but thatwas amazingly easy to setup and write out rules for, installed andconfigured in about 3 mins and that's including downloading and reading theREADME and man file. From reading through the man file, and could not findany mention of how it interacts with other software such as ipfwadm oripchains. What happens if you deny something in one program and then allowit in the other? Does it let it through or does the program that is denyingthe particular connection stop it when it is it's turn to filter thepackets? I only ask because easy to install usually means easy to circumvent.

Terry, I'd checked the slug archives already and couldn't find any articlesthat addressed this problem (just lots of hits on articles saying "youcould use ipfwadm"). Thanks anyway.


Paul
At 12:36 AM 20/02/2001 +1100, you wrote:

Hi Paul,

Have you met rinetd? Its a really easy way of portforwarding without using
ipfw or ipchains. I have a copy available for download at
www.netwaynetworks.com.au/files/linux/rinetd_tar.tar

Cheers,
Marty


On Monday, February 19, 2001 10:48 PM, Paul Robinson
[SMTP:p_d_robinson@xxxxxxxxxxxxxxxx] wrote:
> Hi guys,
>       I've been trying to get my head around some old rulesets for ipfwadm
as I
> want to add the feature of forwarding everything sent to say 8088 on my
> firewall to a particular machine inside my network 192.168.0.2
>
> What I've tried so far is the following:
>
> #Forward Web connections to your web server
> /sbin/ipfwadm -F -a accept -b -P tcp -S 0.0.0.0/0 8088 -D 192.168.0.2 80
>
> #Forward Web Connections to outside Web Server
> /sbin/ipfwadm -F -a accept -b -P tcp -S 192.168.0.2 80 -D 0.0.0.0/0
1024:65535
>
>
> I've also tried it with mas in place of accept to no avail. It's been
close
> to 2 years since I've had to mess with this and the tucows howto's (what
> used to be linux-HOWTO) don't seem to have the howto for it anymore.
>
> can anyone write out the rules required for this action or point me in the

> direction of any good faq's/howto's.
>
> nb. I'd rather not install ipchains atm as it would mean rewriting all my
> current rules (unless it's a snap on a 2.0.36 kernel)
>
> Thanks,
> Paul
>
>
> --
> SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
> More Info: http://slug.org.au/lists/listinfo/slug

Messages sorted by: [ date | thread ]
Prev by Date: Re: [SLUG] ipfwadm
Next by Date: Re: [SLUG] ipfwadm
Previous by thread: Re: [SLUG] ipfwadm
Next by thread: RE: [SLUG] ipfwadm