routing from the outside in

routing from the outside in

Post by Mike Dixo » Thu, 13 Nov 2003 23:44:18



Can somebody point me to a simple howto on getting a redhat 9 box on the
internal network seen from the outside on port 80?

INTERNET
         |
        \/
      ippp0
  REDHAT 7.3 (2.2 kernel)
      eth0
         |
        \/
INTERNAL NETWORK
INCLUDING RH9 BOX (192.168.0.150)

Many thanks in advance
Mike Dixon

 
 
 

routing from the outside in

Post by Dragan Cola » Fri, 14 Nov 2003 01:10:52



> Can somebody point me to a simple howto on getting a redhat 9 box on the
> internal network seen from the outside on port 80?

> INTERNET
>          |
>         \/
>       ippp0
>   REDHAT 7.3 (2.2 kernel)
>       eth0
>          |
>         \/
> INTERNAL NETWORK
> INCLUDING RH9 BOX (192.168.0.150)

> Many thanks in advance
> Mike Dixon

You have to forward your router's port 80 to the internal box. You want to
use iptables for that. My rule for that looks like this:

iptables -A PREROUTING -t nat -p tcp -i $EXT_INTERFACE --dport 80 \
-j DNAT --to 192.168.0.150:80

For more help take at look at 'man iptables'.

Dragan

 
 
 

routing from the outside in

Post by Leslie Co » Fri, 14 Nov 2003 12:23:15




> > Can somebody point me to a simple howto on getting a redhat 9 box on the
> > internal network seen from the outside on port 80?

> > INTERNET
> >          |
> >         \/
> >       ippp0
> >   REDHAT 7.3 (2.2 kernel)
> >       eth0
> >          |
> >         \/
> > INTERNAL NETWORK
> > INCLUDING RH9 BOX (192.168.0.150)

> > Many thanks in advance
> > Mike Dixon

> You have to forward your router's port 80 to the internal box. You want to
> use iptables for that. My rule for that looks like this:

> iptables -A PREROUTING -t nat -p tcp -i $EXT_INTERFACE --dport 80 \
> -j DNAT --to 192.168.0.150:80

> For more help take at look at 'man iptables'.

> Dragan

Hi Dragan
I too have the same problem as Mike, but when I tried your fix I got this
answer:
Warning weird character in interface '--dport' (No aliases, :, ! or * ). bad
argument '80'
Any ideas would be welcome.
Leslie Cox.
 
 
 

routing from the outside in

Post by Llanzlan Klazmon The 15t » Fri, 14 Nov 2003 13:40:06







>> > Can somebody point me to a simple howto on getting a redhat 9 box
>> > on the internal network seen from the outside on port 80?

>> > INTERNET
>> >          |
>> >         \/
>> >       ippp0
>> >   REDHAT 7.3 (2.2 kernel)
>> >       eth0
>> >          |
>> >         \/
>> > INTERNAL NETWORK
>> > INCLUDING RH9 BOX (192.168.0.150)

>> > Many thanks in advance
>> > Mike Dixon

>> You have to forward your router's port 80 to the internal box. You
>> want to use iptables for that. My rule for that looks like this:

>> iptables -A PREROUTING -t nat -p tcp -i $EXT_INTERFACE --dport 80 \
>> -j DNAT --to 192.168.0.150:80

>> For more help take at look at 'man iptables'.

>> Dragan

> Hi Dragan
> I too have the same problem as Mike, but when I tried your fix I got
> this answer:
> Warning weird character in interface '--dport' (No aliases, :, ! or *
> ). bad argument '80'
> Any ideas would be welcome.
> Leslie Cox.

What did you actually type after the -i ? Should be ippp0 in the OP's
example. i.e the name of the interface that connects the router to the
internet.

L.

 
 
 

1. Security from outside call-ins

I am on a Sun 3/260 running SunOS3.5.  Plugged into Serial Port A
I have a Microcom AX/2400 modem.  Some of the users at my site are
so dedicated that they actually want to be able to do some work
while they are home by way of calling in on their modems! (Can
you believe it?)  

Here's the question:  They (the users) have told me of other
systems they have been on (I believe Vax's) where they were
prompted to enter a system password before they were even asked for
thier own.  This could be some cryptic type of combination of
letters and numbers, making it almost impossible for the average
hacker to break. Anyone have ideas on how I could incorporate this
into my passwd file, but only having it prompt those who are dialing
in on the modem?  This could get to be a real pain if they had to
respond to another password everytime they logged in from a work-
station here at work.  

Then, once the caller successfully types in the system password,
they would still have to enter their own password.  Is such a
thing possible?  Thanks.
--
------------------------------------------------------------------
Don Cox :=)
UUCP: ..!rutgers!rochester!kodak!fedsys!scotty!dec
DISCLAIMER: The opinions expressed are mine and not of my employer.

2. Optional Interactive input

3. how can route to outside

4. Undelete???

5. Routing SLIP-Outside world

6. Satan... Anyone get it running?

7. Only ping to the ip outside outside our internal network under Redhat7.1

8. Compaq XL 566 for Solaris x86 ?

9. F80 - scsi to the internal hotplug-disks routed via a cable outside of the mashine.

10. linux 2.6.15 breaks route to outside world?

11. Can't see the outside network, but outside can see in - problem.

12. Routing, Can't ping outside gateway

13. route problem: route forgot to specify route netmask.