[lug] IP Chains/Firewall Question

Chip Atkinson chip at pupman.com
Wed Dec 1 21:37:01 MST 1999


Your friend might wish to look at the REDIRECT target.  From the
IPCHAINS-HOWTO:

  The other major special target is REDIRECT which tells the kernel to
  send a packet to a local port instead of wherever it was heading.
  This can only be specified for rules specifying TCP or UDP as their
  protocol.  Optionally, a port (name or number) can be specified
  following `-j REDIRECT' which will cause the packet to be redirected
  to that particular port, even if it was addressed to another port.
  This target is only valid for packets traversing the input chain.

They may also want to look at masquerading.  Perhaps some sort of reverse
masquerading would work.  My faith in this idea is pretty low though.

Chip
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 Chip Atkinson 
 http://www.pupman.com 
 --- If I can't fix it, I can fix it so it can't be fixed --
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

On Wed, 1 Dec 1999, Ed Meyer wrote:

> I'm passing this along for a friend who has his firewall set up but
> doesn't have email working yet. 
> 
> On the Linux firewall with IP Chains.  How do you open up a specific
> port to be rerouted to a server behind the firewall.  To be specific he
> wants to host a Half Life server behind the firewall.  I can't remember
> the port numbers so I'll use the ones from Quake 2.  When Q2 is looking
> for a server it queries 27910 (i.e 206.168.3.76:27910)  How do you open
> that port up to map to - say 192.168.0.10:27910. 
> 
> Thanks in advance...
> Ed Meyer
> 
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> 





More information about the LUG mailing list