There seems to be a problem with it Normal (TN3270 traffic originating from the relay host):
10:44:29.667165 IP doylebrunson.ailife.com.46318 > 10.1.9.2.verismart: S 707994026:707994026(0) win 5840 <mss 1460,sackOK,timestamp 1913051656 0,nop,wscale 7> 10:44:29.685075 IP 10.1.9.2.verismart > doylebrunson.ailife.com.46318: S 1665830401:1665830401(0) ack 707994027 win 33396 <mss 1452,nop,wscale 0,nop,nop,timestamp 6736695 1913051656> 10:44:29.685137 IP doylebrunson.ailife.com.46318 > 10.1.9.2.verismart: . ack 1 win 46 <nop,nop,timestamp 1913051674 6736695> 10:44:29.707089 IP 10.1.9.2.verismart > doylebrunson.ailife.com.46318: P 1:4(3) ack 1 win 33396 <nop,nop,timestamp 6736695 1913051656> 10:44:29.707147 IP doylebrunson.ailife.com.46318 > 10.1.9.2.verismart: . ack 4 win 46 <nop,nop,timestamp 1913051696 6736695> Relayed: 10:44:04.362686 IP it-304.ailife.com.bts-appserver > 10.1.9.2.verismart: S 3483673038:3483673038(0) win 65535 <mss 1460,nop,nop,sackOK> 10:44:07.294923 IP it-304.ailife.com.bts-appserver > 10.1.9.2.verismart: S 3483673038:3483673038(0) win 65535 <mss 1460,nop,nop,sackOK> ...and the client times out (The TN3270 server is running on port 3270/verismart). Any ideas? Frank M. Ramaekers Jr. Systems Programmer MCP, MCP+I, MCSE & RHCE American Income Life Insurance Co. Phone: (254)761-6649 1200 Wooded Acres Dr. Fax: (254)741-5777 Waco, Texas 76710 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Vahur Jõesalu Sent: Thursday, April 24, 2008 9:27 AM To: CentOS mailing list Subject: Re: [CentOS] TCP/IP Port Relay hmm, if I understood you correctly, then this should work just fine (on linux firewall): /sbin/iptables -t nat -I PREROUTING -p tcp --dport 23 -j DNAT \ --to telnetserverip:port-number /sbin/iptables -I FORWARD -i external_interface -o internal_interface \ -p tcp -d telnetserverip --dport portnumberontelnetserver -j ACCEPT after a reboot or firewall service restart it's gone again. -vahur Frank M. Ramaekers wrote: > What is the best way to temporarily setup a port relay. I'm trying to > diagnose a problem with Cisco's latest VPN client and need to determine > if the problem is port number related. > > e.g. VPN client---------23-(Linux box to relay port)-------xx-(Telnet > server) > > (Keep in mind this is temporary and for debugging purposes) > _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos _____________________________________________________ This message contains information which is privileged and confidential and is solely for the use of the intended recipient. If you are not the intended recipient, be aware that any review, disclosure, copying, distribution, or use of the contents of this message is strictly prohibited. If you have received this in error, please destroy it immediately and notify us at [EMAIL PROTECTED] _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos