by vlad » Sun, 07 Mar 2004 23:28:19
1. Port forwarding, NAT and LAN-to-LAN connections
Hello all,
Here's a stumper. I'm using Debian 2.2 and ipchains to set up a bunch
of services running on a LAN with only one external host doing
port-by-port forwarding to the hosts on the LAN. So,
External IP 24.68.84.12:80 forwarded to --> 192.168.1.2:80
and
External IP 24.68.84.12:25 forwarded to --> 192.168.1.2:25
With a couple of simple statements to ipmasqadm:
ipmasqadm portfw -f
ipmasqadm portfw -a -P tcp -L 24.68.84.12 80 -R 192.168.1.2 80
ipmasqadm portfw -a -P tcp -L 24.68.84.12 25 -R 192.168.1.2 25
this works like a charm in all cases but one-- when the connection is
initiated from a host inside of the LAN. So, if host 192.168.1.10
tries to connect to 24.68.84.12:80, nothing happens. tcpdump shows
that packets are flying about, but the connection is never officially
opened.
I suspect that this has to do with the way that MASQ works in linux,
but I am not sure. I have scoured this list and it seems that the only
thing that comes close in posting is this post:
http://groups.google.com/groups?hl=en&threadm=3a1a4b0e.0%40d2o68.teli...
but there was never an acceptable resolution. Using DNS to
short-circuit the firewall's NAT seems kludgey.
Any help would be greatly appreciated.
Antonio
PS the rest of my rules are set as promiscous as possible for the
purposes of solving this problem:
ipchains -F
ipchains -P input ACCEPT
ipchains -P output ACCEPT
ipchains -P forward ACCEPT
ipchains -P forward -s 192.168.1.0/24 -j MASQ
and everything else (NAT, forwarding from an external address) is
working jsut fine.
3. IP-Forwarding PPP-LAN but not LAN-LAN
5. ftp server within lan and behind router.
6. How to stop dtlogin but run Xserver
7. LAN-to-LAN VPN(Poptop+PPTP client) problem
9. LAN <--> LAN via ppp - ROUTING PROBLEM
10. VPN mpd LAN-to-LAN Routing Problem?
11. NAT LAN Problem
12. How to configure Linux for a LAN of NT machines + 3COM 3C891 LAN Modem
13. project: samba over a lan-phoneline-lan connection.