Thanks, but I'd like to get a solid understanding of packet handling / port forwarding before I replace the gateway for all the users.
On 8/5/06, Joshua D. Drake <[EMAIL PROTECTED]> wrote:
Seth Wegner wrote: > I have a limited gateway that can only hold a few port forward > entries. I have a debian sarge box on my internal network. I have no > DMZ. I would like to forward a range of ports from the gateway to the > debian box (say 5900-5999) and then forward those ports to various > users on the network so they can use Ultravnc Single Click, in order > to work around the limitation of the gateway. I would eventually like > to replace the gateway with a debian box, but I thought I'd learn more > about how this works first. I think I'm missing a fundamental concept > around the traffic coming in and going out on the same network. You may want to see if your gateway can specify a dmz host. That way all packets are automatically directed to Debian and you use Debian to control everything. Joshua D. Drake > > I tried forwarding one port to the debian box, then telling the debian > box to forward to a workstation with the following commands, trying to > ultravnc single click connect from outside (a dial up connection) to > the listening workstation after each command. The traffic was never > seen on the workstation. > > $iptables -A FORWARD -i eth0 -o eth0 -p tcp --dport 5904 -m state > --state NEW,ESTABLISHED,RELATED -j ACCEPT > > $iptables -A PREROUTING -t nat -p tcp -d [ip of debian box] --dport > 5904 -m state --state NEW,ESTABLISHED,RELATED -j DNAT --to [ip of > workstation]:5904 > _______________________________________________ > PDXLUG (a Portland Linux user group) mailing list > [email protected] > http://lists.pdxlug.org/mailman/listinfo/pdxlug > IRC: irc.freenode.net #pdxlug & #orlug -- === The PostgreSQL Company: Command Prompt, Inc. === Sales/Support: +1.503.667.4564 || 24x7/Emergency: +1.800.492.2240 Providing the most comprehensive PostgreSQL solutions since 1997 http://www.commandprompt.com/
_______________________________________________ PDXLUG (a Portland Linux user group) mailing list [email protected] http://lists.pdxlug.org/mailman/listinfo/pdxlug IRC: irc.freenode.net #pdxlug & #orlug
