As was implied before, both interfaces are connected internally (IntrA-net) and
before I try the relay with VPN, I'm testing it on another internal computer
(just to eliminate any VPN potential problems).
Frank M. Ramaekers Jr.
Systems Programmer MCP, MCP+I, MCSE & RHCE
American Income Life Insurance Co. Phone: (254)761-6649
1200 Wooded Acres Dr. Fax: (254)741-5777
Waco, Texas 76710
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Vahur Jõesalu
Sent: Thursday, April 24, 2008 11:28 AM
To: CentOS mailing list
Subject: Re: [CentOS] TCP/IP Port Relay
well you can't - to the best of my knowledge. And I cannot see the
reason for wanting it. The idea of using -i and -o in FORWARD chain is
to specify the direction traffic is allowed to go. It could be that
firewall is blocking all outgoing traffic. Omitting -i and -o would
allow the internal server to initiate traffic to port 23 anywhere in the
internet.
Virtual interface is for assigning additional IP-s to same interface, so
any rules regarding interface still apply to the whole of physical
network card.
-vahur
James Pifer wrote:
> On Thu, 2008-04-24 at 17:27 +0300, Vahur Jõesalu wrote:
>> hmm, if I understood you correctly, then this should work just fine (on
>> linux firewall):
>>
>> /sbin/iptables -t nat -I PREROUTING -p tcp --dport 23 -j DNAT \
>> --to telnetserverip:port-number
>> /sbin/iptables -I FORWARD -i external_interface -o internal_interface \
>> -p tcp -d telnetserverip --dport portnumberontelnetserver -j ACCEPT
>>
>> after a reboot or firewall service restart it's gone again.
>>
>> -vahur
>
> Sorry to jump in on someone else's thread, but... How do you do this if
> the interface you want to use is a virtual? Meaning it's eth0:1 for
> example? The -i parameter will not let you use that.
>
> Thanks,
> James
>
> _______________________________________________
> CentOS mailing list
> [email protected]
> http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
[email protected]
http://lists.centos.org/mailman/listinfo/centos
_____________________________________________________
This message contains information which is privileged and confidential and is
solely for the use of the
intended recipient. If you are not the intended recipient, be aware that any
review, disclosure,
copying, distribution, or use of the contents of this message is strictly
prohibited. If you have
received this in error, please destroy it immediately and notify us at [EMAIL
PROTECTED]
_______________________________________________
CentOS mailing list
[email protected]
http://lists.centos.org/mailman/listinfo/centos
