Never mind. Found my problem. My problem was with the machine running the web server inside the local network, not with the firewall machine.
On Wed, 13 Jun 2001 [EMAIL PROTECTED] wrote: > I have a Linux machine (Debian unstable with kernel 2.2.18) that is > successfully masquerading for our local network. I want to do port > forwarding so that machines on the Internet can see the web server of a > machine on the local net. Following the IP-Masquerading howto, I have the > following script which sets up the masquerading and attempts to set up the > port forwarding as well: > > /sbin/depmod -a > /sbin/modprobe ip_masq_ftp > echo "1" > /proc/sys/net/ipv4/ip_forward > echo "1" > /proc/sys/net/ipv4/ip_always_defrag > echo "1" > /proc/sys/net/ipv4/ip_dynaddr > /sbin/ipchains -M -S 7200 10 160 > /sbin/ipchains -P forward DENY > /sbin/ipchains -A forward -i eth1 -s 10.3.0.0/24 -j MASQ > MYIP=X.X.X.X > /usr/sbin/ipmasqadm portfw -f > /usr/sbin/ipmasqadm portfw -a -P tcp -L $MYIP 80 -R 10.3.0.50 80 > > Where X.X.X.X is the IP address of the interface on the masquerading > machine visible to machines on the Internet. > > Port forwarding isn't working though. It is apparent that something is > happening as that now the web server on the masquerading machine no longer > responds (as I assume traffic is indeed trying to be forwarded) but > neither does the machine I'm trying to forward to respond. Can anyone see > any problems with my firewall script? > > "ipmasqadm portfw -l" returns: > > prot localaddr rediraddr lport rport pcnt pref > TCP X.X.X.X 10.3.0.150 80 80 10 10 > > Which, as far as I can tell, looks correct. Any clues are greatly > appreciated. > > Thanks, > > Gerry > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
