Rodolfo,

Can this be used on an ISP webserver, or does this only apply to a
dedicated firewall? Thanks.

--
Jonathan M. Slivko <[EMAIL PROTECTED]>
Systems Administrator - Hpro Development
200 - 4170 Still Creek Drive
Burnaby, BC V5A1M4
Canada

Office Phone #: (604) 473-7799
Office Fax   #: (604) 299-4511
Mobile Phone #: (917) 208-0581 

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rodolfo J. Paiz
Sent: Wednesday, September 03, 2003 10:03 PM
To: [EMAIL PROTECTED]
Subject: Re: Port Forward 1 Port

At 09:35 9/3/2003 -0400, you wrote:
>I have a RH8 machine on a private net that has iptables but everything
>is set to ACCEPT. I need to forward port 162 to another machine. Is
>there an easy way to do this with iptables without having a full fledged
>firewall running with a bunch of rules?

As long as iptables is running, you _already_ have a "full-fledged
firewall" running. Adding one or two rules is not going to make much of a
change.

Personally, I set up and run Shorewall (www.shorewall.net) on every box.

Shorewall is just a bunch of scripts that set up your iptables rules the
way you want them, but after it runs there is nothing but iptables.
Extremely sophisticated, powerful, and yet easy to use, highly recommended.
Once set up properly (all of 10 minutes your first time through), all you
would need to add to /etc/shorewall/rules would be:

DNAT     local:192.168.0.2     local:192.168.0.14     udp     162

Piece of cake. (There might be an error in that rule, since I just typed it
up and it "looked right", but in the worst case post again and I'll give
you one that does work.)


-- 
Rodolfo J. Paiz
[EMAIL PROTECTED]


-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list
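
The single-port forward asked about in the quoted question, written as plain iptables commands (an added example, not part of the original thread and not the rules Shorewall itself generates). The addresses and port come from the rule quoted above; `forward_udp_port`, `run` and `APPLY` are hypothetical names, and the SNAT rule assumes both machines sit on the same subnet.

```shell
#!/bin/sh
# Added example: forward one UDP port with plain iptables.
# Dry run by default: commands are printed. Set APPLY=1 (as root) to execute.

# Print one command, or execute it when APPLY=1.
run() {
    if [ "${APPLY:-0}" = "1" ]; then "$@"; else printf '%s\n' "$*"; fi
}

# forward_udp_port <forwarder-ip> <target-ip> <port>
forward_udp_port() {
    fwd=$1; dst=$2; port=$3
    # Accept only a plain decimal port in 1..65535, nothing else.
    case $port in ''|*[!0-9]*|??????*) echo "bad port: $port" >&2; return 1;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 1; }

    # The forwarding host must route packets between other hosts.
    run sysctl -w net.ipv4.ip_forward=1
    # Rewrite the destination of datagrams addressed to the forwarder.
    run iptables -t nat -A PREROUTING -d "$fwd" -p udp --dport "$port" \
        -j DNAT --to-destination "$dst:$port"
    # Redundant while the FORWARD policy is ACCEPT (as in the question);
    # required once the policy is tightened to DROP.
    run iptables -A FORWARD -d "$dst" -p udp --dport "$port" -j ACCEPT
    # Same-subnet case: rewrite the source so replies return through the
    # forwarder. Side effect: the target sees the forwarder's address as
    # the sender, not the original host.
    run iptables -t nat -A POSTROUTING -d "$dst" -p udp --dport "$port" \
        -j SNAT --to-source "$fwd"
}

# Values from the thread: 192.168.0.2 forwards UDP 162 to 192.168.0.14.
forward_udp_port 192.168.0.2 192.168.0.14 162
```

Review the printed commands before running with `APPLY=1`; `iptables -t nat -L -n -v` shows the resulting NAT rules and their packet counters.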


