Re: Portforwarding with ipchains on 2.4 kernel
From: Mogens Valentin (mogens_at_mtek.dk)
Date: Fri, 27 Jun 2003 16:35:47 +0200
Mogens Valentin wrote:
> I need to portforward from the internet to a host behind a Linux
> firewall using ipchains. Yes, iptables is preferred, but...
> Ascii art:
> 10.0.0.2 10.10.0.1 10.10.0.10
> On the linuxfirewall, I have a virtual if, eth0:1, with IP 10.0.0.9 .
> The router already does a 1:1 nat which works.
> Of cause, I'll need firewallrules allowing needed traffic from 10.0.0.9
> to 10.10.0.10 . Those are in place, AFAIC.
> Using ipchains, I guess I'll need ipmasqadm with something like:
> ipmasqadm portforward -a -p tcp -l 10.0.0.9 port -r 10.10.0.10 port
> Problem is, it seems I do not have ipmasqadm on the system. I may be
> missing something in the kernel setup, or need an external package.
Well, I tryed to use ipmasqadm.0.4.2-4.rpm, which I downloaded from
rpm -i --test didn't protest, so I installed it.
I got some errors when executing above ipmasqadm portfw jadijadi...
ipmasqadm portfw -l produced these errors:
Could not open "/proc/net/ip_masq/portfw"
Could not open "/proc/net/ip_portfw"
Needless to say that the ipmasqadm package has not been adapted for
use with the changed /proc structure in 2.4 kernels.
Guess I'll have to rebuild the kernel for pure iptables support, and
rewrite ipchains rules for iptables.
I'd still like comments, if anyone has managed to make ipmasqadm or
other 1:1 nat technique work with ipchains on a 2.4 kernel.
Have a nice weekend,