Subject: Re: ipautofw not working
Date: Wed, Jun 02, 1999 at 11:08:03AM -0700
In reply to:George Bonser
Quoting George Bonser([EMAIL PROTECTED]):
> On Wed, 2 Jun 1999, Wayne Topa wrote:
>
> > > To make it clear, I can use ipfwadm ok, but I can't use ipautofw.
> > >
> > > Any clue?
> > >
> >
> > Clue #1 is to look for the information on your system 'first'!
> >
> > "From /usr/src/linux/Documentation/Changes"
> > As of 2.1.102, the IP firewalling code has been replaced; ipfwadm
> > will no longer work. You need to obtain "ipchains," available from
> > http://www.rustcorp.com/linux/ipchains/ , and use that instead of
> > ipfwadm.
> >
> > To use masq forwarding you will need to obtain "ipmasqadm,"
> > available from http://juanjox.linuxhq.com/ .
> >
>
> Except that the person is not talking about having problems masquerading,
> the problem seems to be port forwarding.
opps, forgot another reference
IP: ipportfw masquerade support
CONFIG_IP_MASQUERADE_IPPORTFW
Port Forwarding is an addition to IP Masquerading which allows some
forwarding of packets from outside to inside a firewall on given
ports. This could be useful if, for example, you want to run a web
server behind the firewall or masquerading host and that web server
should be accessible from the outside world. An external client
sends a request to port 80 of the firewall, the firewall forwards
this request to the web server, the web server handles the request
and the results are sent through the firewall to the original
client. The client thinks that the firewall machine itself is
running the web server. This can also be used for load balancing if
you have a farm of identical web servers behind the firewall.
Information about this feature is available from
http://www.monmouth.demon.co.uk/ipsubs/portforwarding.html (to
browse the WWW, you need to have access to a machine on the Internet
that has a program like lynx or netscape). For general info, please
see ftp://ftp.compsoc.net/users/steve/ipportfw/linux21/
You will need the user space program "ipmasqadm" which can be
downloaded from http://juanjox.linuxhq.com/
The portfw code is still under development and so is currently
marked EXPERIMENTAL. If you want to try it, say Y.
This code is also available as a module ( = code which can be
inserted in and removed from the running kernel whenever you want).
The module will be called ip_masq_portfw.o. If you want to compile
it as a module, say M here and read Documentation/modules.txt.
--
A Law of Computer Programming:
Make it possible for programmers to write in English and you
will find the programmers cannot write in English.
_______________________________________________________
Wayne T. Topa <[EMAIL PROTECTED]>
