[PLUG] floppyfw, port forwarding
Galen Seitz
galens at seitzassoc.com
Mon Jun 3 16:54:20 UTC 2002
> I'm trying our floppyfw and the ip masquerading part seems to work fine.
> However, I tried to direct ouside port 80 to an inside server and that didn't
> work. Any ideas?
>
Here's what I use. I restrict access to my web server to a list of know
IP's. If you want to allow anyone in, set EXTERNAL_HTTP_CLIENT to
ANYWHERE.
galen
ANYWHERE="any/0"
UNPRIVPORTS="1024:65535"
# ------------------------------------------------------------------
# HTTP server (80)
# ----------------
#
for i in $EXTERNAL_HTTP_CLIENT
do
echo "Allowing inbound www from $i"
ipchains -A input -i $OUTSIDE_DEV -p tcp \
-s $i $UNPRIVPORTS \
-d $OUTSIDE_IP www -j ACCEPT
ipchains -A output -i $OUTSIDE_DEV -p tcp ! -y \
-s $OUTSIDE_IP www \
-d $i $UNPRIVPORTS -j ACCEPT
done
if [ $INTERNAL_HTTP_IP ]; then
echo "Forwarding inbound www to $INTERNAL_HTTP_IP"
# forward inbound www connections to the internal www server
ipmasqadm portfw -a -P tcp -L $OUTSIDE_IP www -R $INTERNAL_HTTP_IP www
fi
More information about the PLUG
mailing list