Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

port forwarding just won't work?? :)

From: MCM Interactive <bevan () mcminteractive com au>
Date: Mon, 30 Jul 2001 12:32:01 +1000
Hi.

I have read numerous documents and mailing lists, everything I read says
this is easy and that this should work.
But alas it doesn't :( I have tried over and over again. Am I missing
something obvious does any know
what else I can try?

I know the firwall is very open. I'm just testing at this point and
haven't locked it up yet.


Network:


             203.xx.xx.235                        203.xx.xx.233
        ----------                          -----------
        -   Firewall   -  ---------  - Test Box     -
        ----------                          -----------
            192.168.0.95

                    |--------------------|
                    |                                               |
           192.18.0.1                                  192.18.0.1
         -----------                       ------------
         - WEbserver -                       - Internal Host -
         -----------                        ------------

Firewall Setup:

# ipchains -nL
Chain input (policy ACCEPT):
Chain forward (policy DENY):
target      prot      opt            source
destination    ports
MASQ    all        ------    192.168.0.0/24    0.0.0.0/0        n/a
Chain output (policy ACCEPT):


#ipmasqadm portfw -l
prot    localaddr            rediraddr        lport      rport
pcnt    pref
TCP    203.xx.xx.235    192.168.0.1    www    www        10     10


TCPDUMP output when attempting connect from 203.xx.xx.233:

# /usr/sbin/tcpdump -i eth0 host 203.xx.xx.235
tcpdump: listening on eth0
12:25:02.738471 203.xx.xx.233.4567 > 203.xx.xx.235.www: S
586690575:586690575(0) win 32120 <mss 1460,sackOK,timestamp
95145679[|tcp]> (DF)
12:25:05.737813 203.xx.xx.233.4567 > 203.xx.xx.235.www: S
586690575:586690575(0) win 32120 <mss 1460,sackOK,timestamp
95145979[|tcp]> (DF)
12:25:11.737812 203.xx.xx.233.4567 > 203.xx.xx.235.www: S
586690575:586690575(0) win 32120 <mss 1460,sackOK,timestamp
95146579[|tcp]> (DF)
12:25:23.737779 203.xx.xx.233.4567 > 203.xx.xx.235.www: S
586690575:586690575(0) win 32120 <mss 1460,sackOK,timestamp
95147779[|tcp]> (DF)
12:25:47.737804 203.xx.xx.233.4567 > 203.xx.xx.235.www: S
586690575:586690575(0) win 32120 <mss 1460,sackOK,timestamp
95150179[|tcp]> (DF)


_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: