- 03-31-2004 #1 Just Joined! (Join Date: Mar 2004; Posts: 30)
ipchains - help with ext to int
I would like to run a webserver on my network behind my linux firewall. I am using ipchains currently which masqs traffic from internal to external without issues.. but I'm stuck trying to open a port to the internal network.
ppp0 is my external facing nic 123.123.123.123
eth1 is my internal facing nic 192.168.0.1
192.168.0.2 is the machine I wish to connect ppp0:8080 to
From localhost on the linux box I can telnet to this machine
I think I have tried everything with no success....
For testing... I have turned my firewall off and have input/forward and output set to ACCEPT
# I created a new chain
ipchains -N web
# catch 8080 and forward to web chain
ipchains -I input -p tcp -s 0/0 8080 -j web
ipchains -A web -s 0/0 8080 -d 192.168.0.2 8080 -j MASQ
Please help
Richard.
- 03-31-2004 #2 Linux Guru (Join Date: Apr 2003; Location: London, UK; Posts: 3,284)
Is there any reason you're using ipchains and not iptables?
iptables is the newer version of the two, with a few extra features thrown in. I never actually used ipchains because by the time I started using linux, iptables was the norm.
You may be able to find some documentation on www.netfilter.org if no one else can remember anything about ipchains.
Jason
- 03-31-2004 #3 Just Joined! (Join Date: Mar 2004; Posts: 30)
When I started using linux ipchains was what the cool kids were using. During my upgrades I just moved my firewall ruleset from machine to machine.. never a hassle until slackware 9.1.... ipchains was not there.
Originally Posted by jasonlambert
I tried configuring my firewall with iptables but I am getting old and hate change. After some fighting about with iptables I installed ipchains, inserted my old rules again and without having to work hard had my network up and running again.
I do have plans to convert to iptables... just not today.
Richard
- 04-01-2004 #4 Just Joined! (Join Date: Mar 2004; Posts: 30)
ok... I am one of the cool kids ... I switched to iptables... well I started to.
iptables solved my issue...
# Nat my internal traffic out
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
# Map external traffic to my internal machine
iptables -A PREROUTING -t nat -p tcp -d 1.2.3.4 --dport 8080 -j DNAT --to 192.168.0.2:8080
This was easy... now I just have to convert my ipchains firewall rules and I'm done.
Richard
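A note on the remaining rule conversion, as an added example that is not code from the thread: once the FORWARD policy is DROP again, the DNAT rule alone passes nothing, because the filter table sees the packet after its destination has been rewritten. The script below prints the DNAT rule together with the FORWARD rules it needs; the function names and the conntrack-based FORWARD rules are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Prints (does not apply) the rules for one
# TCP port forward: the DNAT rule plus the FORWARD rules it needs under a
# default-DROP FORWARD policy. Function names are this example's own.

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

valid_ipv4() {
    # Reject anything but digits and single interior dots before splitting.
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

portfwd_rules() {
    # Arguments: EXT_IF EXT_IP EXT_PORT INT_IP INT_PORT
    [ $# -eq 5 ] || { echo "need 5 arguments" >&2; return 2; }
    case "$1" in ''|-*|*[!A-Za-z0-9._-]*) echo "bad interface" >&2; return 1 ;; esac
    valid_ipv4 "$2" && valid_ipv4 "$4" || { echo "bad IPv4 address" >&2; return 1; }
    valid_port "$3" && valid_port "$5" || { echo "bad port" >&2; return 1; }
    cat <<EOF
iptables -t nat -A PREROUTING -i $1 -p tcp -d $2 --dport $3 -j DNAT --to-destination $4:$5
iptables -A FORWARD -i $1 -p tcp -d $4 --dport $5 -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -o $1 -p tcp -s $4 --sport $5 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Addresses from the first post. FORWARD matches the post-DNAT destination
# (192.168.0.2:8080), not the external address the client connected to.
portfwd_rules ppp0 123.123.123.123 8080 192.168.0.2 8080
```

Review the printed rules, then pipe them to `sh` as root to apply them ahead of the final DROP rules in the converted ruleset.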


