[lug] forward pcanywhere
Rob Nagler
nagler at bivio.net
Sun Nov 11 07:45:48 MST 2001
> is it possible to write a ipchain to forward incoming pcanywhere connections
> to clients behind my firewall using static 192.168.0.X ips. i have read
> from a outdated how to that i need a third party utility.
You can't use ipchains, but you can use ip masquerading. If you are
using RH 7.1, I highly recommend you spend the time to learn
iptables. ipchains is deprecated. iptables combines ip DNAT
(destination network address translation) and network filtering
(ipchains).
I will be doing this for one of my clients (when they decide they need
it). It's easy to do. Also, the latest PCAnywhere apparently lets
you use a different port for remote hosts, which means you only need
one static IP to handle multiple internal computers.
I don't have the time to work up an example now. Here's how you would
forward port 80 on the Internet (1.1.3.4) to an internal host
(192.168.1.1). There's no port translation:
iptables -t nat -A PREROUTING -d 1.2.3.4 -p tcp --dport 80 \
-j DNAT --to-destination 192.168.1.1
This is with port translation 8080 on inet to 80 on internal machine:
iptables -t nat -A PREROUTING -d 1.2.3.4 -p tcp --dport 8080 \
-j DNAT --to-destination 192.168.1.1:80
Cheers,
Rob
More information about the LUG
mailing list