RE: [CentOS] TCP/IP Port Relay

2008-04-24 Thread Frank M. Ramaekers
o: CentOS mailing list Subject: Re: [CentOS] TCP/IP Port Relay well you can't - to the best of my knowledge. And I cannot see the reason for wanting it. The idea of using -i and -o in FORWARD chain is to specify the direction traffic is allowed to go. It could be that firewall is blocking all ou

RE: [CentOS] TCP/IP Port Relay

2008-04-24 Thread Frank M. Ramaekers
ehalf Of Vahur Jõesalu Sent: Thursday, April 24, 2008 11:28 AM To: CentOS mailing list Subject: Re: [CentOS] TCP/IP Port Relay to clarify. your rules that you entered were (I am replacing it-304.ailife.com here with 10.1.1.1, and external_interface with eth0, and internal_interface with eth1 - for

Re: [CentOS] TCP/IP Port Relay

2008-04-24 Thread Vahur Jõesalu
well you can't - to the best of my knowledge. And I cannot see the reason for wanting it. The idea of using -i and -o in FORWARD chain is to specify the direction traffic is allowed to go. It could be that firewall is blocking all outgoing traffic. Omitting -i and -o would allow the internal se

Re: [CentOS] TCP/IP Port Relay

2008-04-24 Thread Vahur Jõesalu
8 9:27 AM To: CentOS mailing list Subject: Re: [CentOS] TCP/IP Port Relay hmm, if I understood you correctly, then this should work just fine (on linux firewall): /sbin/iptables -t nat -I PREROUTING -p tcp --dport 23 -j DNAT \ --to telnetserverip:port-number /sbin/iptables -I FORWARD -i external

RE: [CentOS] TCP/IP Port Relay

2008-04-24 Thread Frank M. Ramaekers
Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Vahur Jõesalu Sent: Thursday, April 24, 2008 9:27 AM To: CentOS mailing list Subject: Re: [CentOS] TCP/IP Port Relay hmm, if I understood you correctly, then this should work just fine (on linux firewall): /sbin/iptables -t

RE: [CentOS] TCP/IP Port Relay

2008-04-24 Thread Frank M. Ramaekers
as 76710 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Vahur Jõesalu Sent: Thursday, April 24, 2008 9:27 AM To: CentOS mailing list Subject: Re: [CentOS] TCP/IP Port Relay hmm, if I understood you correctly, then this should work just fine (on linux

Re: [CentOS] TCP/IP Port Relay

2008-04-24 Thread James Pifer
On Thu, 2008-04-24 at 17:27 +0300, Vahur Jõesalu wrote: > hmm, if I understood you correctly, then this should work just fine (on > linux firewall): > > /sbin/iptables -t nat -I PREROUTING -p tcp --dport 23 -j DNAT \ > --to telnetserverip:port-number > /sbin/iptables -I FORWARD -i external_interf

Re: [CentOS] TCP/IP Port Relay

2008-04-24 Thread Vahur Jõesalu
hmm, if I understood you correctly, then this should work just fine (on linux firewall): /sbin/iptables -t nat -I PREROUTING -p tcp --dport 23 -j DNAT \ --to telnetserverip:port-number /sbin/iptables -I FORWARD -i external_interface -o internal_interface \ -p tcp -d telnetserverip --dport portn

[CentOS] TCP/IP Port Relay

2008-04-24 Thread Frank M. Ramaekers
What is the best way to temporarily setup a port relay. I'm trying to diagnose a problem with Cisco's latest VPN client and need to determine if the problem is port number related. e.g. VPN client-23-(Linux box to relay port)---xx-(Telnet server) (Keep in mind this is temporary and