/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
Indeed, ipchains input chain has the chance to reject incoming packets
before ipmasqadm portfw can deal with the packet.
Something like:
EXTIP="[the external address people are sending their https traffic at]"
INTIP="[the internal host you want to redirect your port 80 traffic to]"
ipchains -A input -p tcp -d $EXTIP 80 ACCEPT
ipmasqadm portfw -a -P tcp -L $EXTIP 80 -R $INTIP 80
ipchains -A input -p udp -d $EXTIP 80 ACCEPT
ipmasqadm portfw -a -P udp -L $EXTIP 80 -R $INTIP 80
Question... would udp be necessary as well?
> Then we use portfw, but my problem is that ipchain intercepts the
> packet, and DENY it before portfw can redirect.
> Do i really need to open for port 80 from the outside to the inside in
> ipchains? I was of the understanding that portfw intercepted the packet
> before ipchains could DENY it?
> Soeren Nielsen
--
Peter John Anton Technical Manager, MicroPRINT
Waltham, Mass., USA 781-890-7500
email (remove spaces): peter @ mprint . com
"God doesn't play dice with a kitty!"
You said, Einstein, so I ask thee:
We put the cat in
The box rife with toxin.
Is it God rolling dice, or are we?
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
