On Thursday, July 01, 1999 10:37 AM, Dan Everton [SMTP:[EMAIL PROTECTED] wrote: > On Thu, 1 Jul 1999, Ralf G. R. Bergs wrote: > > There is a patch available. You can find it here > http://www.ox.compsoc.org.uk/~steve/portforwarding.html > > I think it's packaged somewhere in the Debian distribution... *checks > package listing* yes it is. You can find it here: > http://www.debian.org/Packages/stable/net/ipportfw.html
Wow. This opened some doors for me! But now, I get to flood with newbie questions. =) First of all, I have a 486-33dx4 acting as my masq-firewall. Its at Kernel 2.0.36, has a ppp0 properly set up and masquerades to a small network of 192.168.2.* addressed computers. The firewall rules are below. ipfwadm -F -p deny ipfwadm -F -a m -S192.168.2.0/24 -D 0.0.0.0/0 ipfwadm -I -p accept # the following line blocks incoming telnets since I use ssh to connect ipfwadm -I -a r -DXXX.XXX.XXX.XXX/32 23 # address removed to protect the ignorant (me). I compiled in port forwarding support and added the following lines to my setup which allowed quicktime streaming to work for my Wife's machine: ipportfw -A -tXXX.XXX.XXX.XXX/554 -R 192.168.2.2/554 # and a WHOLE BUNCH of udp routing lines. Now, what I want to do, but haven't been able to get working is a forwarding scheme for CVS. I want to have my gateway XXX.XXX.XXX.XXX box redirect its port 6060 to my workstations (192.168.2.1) cvspserver port (2401). To this affect I entered the following lines: ipportfw -A -tXXX.XXX.XXX.XXX/6060 -R 192.168.2.3/2401 ipportfw -A -uXXX.XXX.XXX.XXX/6060 -R 192.168.2.3/2401 Before I was doing portforwarding on 6060 when I telnet to that port on my box I get the message "telnet: Unable to connect to remote host: Connection refused". AFTER I add port forwarding on 6060 I get "telnet: Unable to connect to remote host: Connection timed out". The transactions are starting, they just aren't finishing. My pet theory is that this port forwarding thing isn't dealing with masquerading of the returned packets, but like I said, I'm pretty clueless with this. Any help appreciated! Jonathan Lupa ~ [EMAIL PROTECTED]