David A. Ranch <[EMAIL PROTECTED]> wrote:
>
> I need to enable outgoing rlogin from my masqueraded hosts. This
> almost works, of course, except for the privileged port problem. That
> is, the masqueraded packets come from a source port >60K, and rlogind
> will not accept a rlogin session from a non-privileged source port.
I thought that was the whole reason for using the >60K port numbers, was
so that the traffic can be recognized as being in the masq range, and
de-masqueraded properly. Seems like a design issue.
I don't know of any way to convince an rlogind to accept a connection on
a non-root (>1024) port. Seems like you would need to use some sort of
proxy, to send the traffic through on a low port, without the
masquerade.
Hey, I bet transparent-proxy could do it! I did a very similar thing
that sends connections through a SOCKS-server. I bet the same could be
done for rsh/rlogin/rexec traffic. Sounds like fun. I think I'll work
on it. :)
--
[EMAIL PROTECTED] (Fuzzy Fox) || "Nothing takes the taste out of peanut
sometimes known as David DeSimone || butter quite like unrequited love."
http://www.dallas.net/~fox/ || -- Charlie Brown
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]
