On Thu, 8 Aug 2002, Jack Bowling wrote: > > Has anyone ever setup a port forwarding for pcanywhere through a linux > > firewall using ipchains. Can someone please give me some instructions.
Remember to enable encryption in PCAnywhere, and refuse down-negotiation -- wrappers are a good idea as are firewalls. A. yes as to 2.0.30 kernel ipautofw -r tcp 5631 5632 -h $interiorIP ipautofw -r udp 5631 5632 -h $interiorIP (from an old Owl River application note, long ago -- no idea if the note was complete -- I remember the customer site was running Solaris and a Frame Relay based network doring the 'dot-com' golden days. Now-a-days, their stock price hovers just above $1 , and 'grooming' of the price to avoid delisting has been suggested) B. yes as to IPchainss (2.2 kernel) redir or ipmasqadm as appropiate -- I don't run that kernel series in external production any more, and don't have an application note at hand. C. yes as to IPtables (2.4 kernel) script fragment to insert the rules: OUTSIDE="192.168.0.11" INSIDE="10.0.0.11" # RULES=" \ $OUTSIDE:22:udp:$INSIDE:22:udp \ $OUTSIDE:5631:udp:$INSIDE:5631:udp \ $OUTSIDE:5631:tcp:$INSIDE:5631:tcp \ $OUTSIDE:5632:udp:$INSIDE:5632:udp \ $OUTSIDE:5632:tcp:$INSIDE:5632:tcp \ $OUTSIDE:65301:tcp:$INSIDE:65301:tcp \ $OUTSIDE:65302:tcp:$INSIDE:65302:tcp \ " # # Linux 2.4 # for i in `echo $RULES`; do EXTIP=`echo $i | awk -F":" {'print $1'}` EXTPORT=`echo $i | awk -F":" {'print $2'}` EXTPROTO=`echo $i | awk -F":" {'print $3'}` # INTIP=`echo $i | awk -F":" {'print $4'}` INTPORT=`echo $i | awk -F":" {'print $5'}` INTPROTO=`echo $i | awk -F":" {'print $6'}` # $IPT -A PREROUTING -t nat -p $EXTPROTO -d $EXTIP --dport $EXTPORT \ -j DNAT --to $INTIP:$INTPORT done # Works great. -- Russ Herrold -- end ================================== .-- -... ---.. ... -.- -.-- Copyright (C) 2002 R P Herrold [EMAIL PROTECTED] NIC: RPH5 (US) My words are not deathless prose, but they are mine. Owl River Company "The World is Open to Linux (tm)" ... Open Source LINUX solutions ... [EMAIL PROTECTED] Columbus, OH -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list