There seems to be a problem with it

Normal (TN3270 traffic originating from the relay host):

10:44:29.667165 IP doylebrunson.ailife.com.46318 > 10.1.9.2.verismart: S 
707994026:707994026(0) win 5840 <mss 1460,sackOK,timestamp 1913051656 
0,nop,wscale 7>
10:44:29.685075 IP 10.1.9.2.verismart > doylebrunson.ailife.com.46318: S 
1665830401:1665830401(0) ack 707994027 win 33396 <mss 1452,nop,wscale 
0,nop,nop,timestamp 6736695 1913051656>
10:44:29.685137 IP doylebrunson.ailife.com.46318 > 10.1.9.2.verismart: . ack 1 
win 46 <nop,nop,timestamp 1913051674 6736695>
10:44:29.707089 IP 10.1.9.2.verismart > doylebrunson.ailife.com.46318: P 1:4(3) 
ack 1 win 33396 <nop,nop,timestamp 6736695 1913051656>
10:44:29.707147 IP doylebrunson.ailife.com.46318 > 10.1.9.2.verismart: . ack 4 
win 46 <nop,nop,timestamp 1913051696 6736695>

Relayed:

10:44:04.362686 IP it-304.ailife.com.bts-appserver > 10.1.9.2.verismart: S 
3483673038:3483673038(0) win 65535 <mss 1460,nop,nop,sackOK>
10:44:07.294923 IP it-304.ailife.com.bts-appserver > 10.1.9.2.verismart: S 
3483673038:3483673038(0) win 65535 <mss 1460,nop,nop,sackOK>

...and the client times out (The TN3270 server is running on port 
3270/verismart).

Any ideas?


Frank M. Ramaekers Jr.
Systems Programmer                   MCP, MCP+I, MCSE & RHCE
American Income Life Insurance Co.   Phone: (254)761-6649
1200 Wooded Acres Dr.                Fax:   (254)741-5777
Waco, Texas  76710

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Vahur Jõesalu
Sent: Thursday, April 24, 2008 9:27 AM
To: CentOS mailing list
Subject: Re: [CentOS] TCP/IP Port Relay

hmm, if I understood you correctly, then this should work just fine (on 
linux firewall):

/sbin/iptables -t nat -I PREROUTING -p tcp --dport 23 -j DNAT \
--to telnetserverip:port-number
/sbin/iptables -I FORWARD -i external_interface -o internal_interface \ 
-p tcp -d telnetserverip --dport portnumberontelnetserver -j ACCEPT

after a reboot or firewall service restart it's gone again.

-vahur

Frank M. Ramaekers wrote:
> What is the best way to temporarily setup a port relay.  I'm trying to
> diagnose a problem with Cisco's latest VPN client and need to determine
> if the problem is port number related.
> 
> e.g.  VPN client---------23-(Linux box to relay port)-------xx-(Telnet
> server)
> 
> (Keep in mind this is temporary and for debugging purposes)
> 
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

_____________________________________________________
This message contains information which is privileged and confidential and is 
solely for the use of the
intended recipient. If you are not the intended recipient, be aware that any 
review, disclosure,
copying, distribution, or use of the contents of this message is strictly 
prohibited. If you have
received this in error, please destroy it immediately and notify us at [EMAIL 
PROTECTED]
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Reply via email to