  1. #1

    ipchains - help with ext to int

    I would like to run a webserver on my network behind my linux firewall. I am using ipchains currently which masqs traffic from internal to external without issues.. but I'm stuck trying to open a port to the internal network.

    ppp0 is my external facing nic
    eth1 is my internal facing nic is the machine I wish to connect ppp0:8080 to
    From localhost on the linux box I can telnet to this machine

    I think I have tried everything with no success....

    For testing... I have turned my firewall off and have input/forward and output set to ACCEPT

    # I created a new chain
    ipchains -N web

    # catch 8080 and forward to web chain
    ipchains -I input -p tcp -s 0/0 8080 -j web

    ipchains -A web -s 0/0 8080 -d 8080 -j MASQ

    Please help


  2. #2
    Linux Guru
    Join Date
    Apr 2003
    London, UK
    is there any reason you're using ipchains and not iptables?

    iptables is the newer version of the two, with a few extra features thrown in. I never actually used ipchains because by the time I started using linux, iptables was the norm.

    You may be able to find some documentation on if no one else can remember anything about ipchains.


  3. #3
    Quote Originally Posted by jasonlambert
    is there any reason you're using ipchains and not iptables?

    When I started using linux ipchains was what the cool kids were using. During my upgrades I just moved my firewall ruleset from machine to machine.. never a hassle until slackware 9.1.... ipchains was not there.

    I tried configuring my firewall with iptables but I am getting old and hate change. After some fighting about with iptables I installed ipchains, inserted my old rules again and without having to work hard had my network up and running again.

    I do have plans to convert to iptables... just not today.


  4. #4
    ok... I am one of the cool kids ... I switched to iptables... well I started to.

    iptables solved my issue...

    # Nat my internal traffic out
    iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
    echo 1 > /proc/sys/net/ipv4/ip_forward

    # Map external traffic to my internal machine
    iptables -A PREROUTING -t nat -p tcp -d --dport 8080 -j DNAT --to

    This was easy... now I just have to convert my ipchains firewall rules and I'm done.
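
The port forward from post #4 with the FORWARD chain locked down, as an added example (not the poster's code): the thread tested with every policy set to ACCEPT, while this assumes a FORWARD policy of DROP, so the DNAT needs its own FORWARD rule. `192.168.1.10` is a constructed placeholder for the internal web server, and matching on `-i ppp0` stands in for the `-d` match whose address is missing from the thread.

```shell
#!/bin/sh
# Constructed placeholder values; only ppp0, eth1 and port 8080 come from the thread.
EXT_IF=ppp0            # external interface
INT_IF=eth1            # internal interface
WEB_HOST=192.168.1.10  # hypothetical internal web server address
EXT_PORT=8080          # port exposed on ppp0
WEB_PORT=8080          # port on the internal host (assumed to be the same)

# valid_ipv4 ADDR: succeed only for a dotted quad with each octet 0-255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input holds only digits and dots here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# valid_port N: succeed only for an integer 1-65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# forward_rules: print the rule set after validating the variables above.
# Nothing is applied here; review the output, then run it as root.
forward_rules() {
    valid_ipv4 "$WEB_HOST" || { echo "bad host: $WEB_HOST" >&2; return 1; }
    valid_port "$EXT_PORT" && valid_port "$WEB_PORT" || { echo "bad port" >&2; return 1; }
    # Policy DROP: only replies, outbound LAN traffic and new connections
    # to the one forwarded port may cross the firewall.
    cat <<EOF
iptables -P FORWARD DROP
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $INT_IF -o $EXT_IF -j ACCEPT
iptables -A FORWARD -i $EXT_IF -o $INT_IF -p tcp -d $WEB_HOST --dport $WEB_PORT -m state --state NEW -j ACCEPT
iptables -t nat -A PREROUTING -i $EXT_IF -p tcp --dport $EXT_PORT -j DNAT --to-destination $WEB_HOST:$WEB_PORT
iptables -t nat -A POSTROUTING -o $EXT_IF -j MASQUERADE
EOF
}

forward_rules
```

The FORWARD rule matches the post-DNAT destination because PREROUTING rewrites the address before the packet reaches the FORWARD chain.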

