Greetings, I've spent most of the day exploring the world of firewalling with Debian 2.0.
if I use ipfwadm-wrapper with the following commands, everything works properly. Like so: ipfwadm-wrapper -F -a accept -P tcp -S 0/0 1024:65535 -D 172.16.0.2 http ipfwadm-wrapper -I -a accept -P tcp -S 0/0 1024:65535 -D 172.16.0.2 http ipfwadm-wrapper -O -a accept -P tcp -S 0/0 1024:65535 -D 172.16.0.2 http 172.16.0.2 is the private IP of the webserver. Anyway, the above commands work just fine. However, I "translated" them to ipchains, which is native to debian 2.0, and much faster than ipfwadm-wrapper, according to all of the FAQs, support pages, and related information on ipfwadm-wrapper. I ended up with this: ipchains -A input -p tcp -s 0/0 1024:65535 -d 172.16.0.2 80 ipchains -A forward -p tcp -s 0/0 1024:65535 -d 172.16.0.2 80 ipchains -A output -p tcp -s 0/0 1024:65535 -d 172.16.0.2 80 I had tried putting them in different order, but that seemingly doesn't make a difference. What I'm trying to do here is have all HTTP requests that hit my linux box, be routed as-is to the webserver (and eventually other servers) hiding behind it. Thanks in advance for any assistance. I've downloaded and printed out many, many faqs, but I think I don't understand the input/forward/output part well enough to really grasp whatever it is I'm missing here. Frederic Breitwieser Bridgeport, CT 06606 Homebrew Automotive Website: http://www.xephic.dynip.com/ Wanted - RWD Buick Flywheel that fits the 3.8L / 4.1L! -
