[NTLUG:Discuss] Punch through firewall
Bob Byron
bbyron at radit.com
Fri Mar 3 02:33:08 CST 2000
Hate to say it, but I still am having trouble understanding how I am
supposed to accomplish my task. I have reviewed quite a bit of the
documentation and have yet to figure it out. Let me restate what I
need to do.
I have a local network using addresses 192.168.1.X.
I have a Linux server configured as the gateway machine for
the local network utilizing ip masquerading to access the internet.
I have 5 ip addresses available for my use: 200.200.200.200
through 200.200.200.204 (These addresses are not my real ip
addresses)
The server (Linux System) can be seen from the internet by using
200.200.200.200.
I am using ipchains to accomplish that.
Now my problem is, I need to have machine 3 (in the example
below to be seen from the internet. Since I do have 5 ip addresses
available to me, I would like for people on the internet to access
200.200.200.201 and have the Linux server redirect the traffic to
my local Machine 3 (192.168.1.13).
(I am using Redhat 6.1 - kernel 2.2.12 - ipchains firewall)
Internet
-------------|--------------
eth0 (200.200.200.200)
LINUX SYSTEM
eth1 (192.168.1.1)
-------------|--------------
local network
(192.168.1.X)
Machine 1 Machine 2 Machine 3
192.168.1.11 192.168.1.12 192.168.1.13
I am hoping someone will spell out the command for me since I am
very new at this type of administration.
Bob Byron
RAD Systems, Inc.
www.radit.com
(972)516-4256
----- Original Message -----
From: "Jonathan Miller" <betaray at kludge.org>
To: <discuss at ntlug.org>
Sent: Thursday, March 02, 2000 12:32 PM
Subject: Re: [NTLUG:Discuss] Punch through firewall
You can either use NAT (Network Address Translation) or Port
Forwarding. Since you've got the addresses I'd say go with NAT. That'll
allow you to say 200.200.200.201 -> 192.168.1.200. Port fowarding does
exactly like it sounds like it does i.e. 200.200.200.201:80 ->
192.168.1.200:80
Information for setting up NAT with 2.2 can be found
at: http://www.linuxdoc.org/HOWTO/Net-HOWTO-8.html. This is all going to
change (again!) with 2.4, but that's life.
-- Jonathan
On Thu, 2 Mar 2000, Bob Byron wrote:
> I am using Redhat 6.1 running an ipchains firewall.
>
> Internet ===|eth0 -- LINUX SYSTEM -- eth1|=== local network
> The local network has 168.192.1.X addresses.
> I have a machine behind a firewall that I want to access from the
> interenet. How do I create a bridge through the firewall to that one
> machine? Let's assume I have the domain range of 200.200.200.200
> through 200.200.200.205, and eth0 had the address of 200.200.200.200.
> I want to use the address 200.200.200.201 to address the machine
> behind the firewall, how would I go about that? Ideally I want the
address
> 200.200.200.201 to be translated to 192.168.1.200 (the address of the
> local machine.
>
> Thank You,
> Bob Byron
> RAD Systems, Inc.
> www.radit.com
> (972)516-4256
>
>
_______________________________________________
http://ntlug.org/mailman/listinfo/discuss
More information about the Discuss
mailing list