> Hello all
> I am new to this group and my question maybe already discussed, if so
> excuse me.
> I've a linux firewall, and a P2 win2000 behind it, ipchains is setup
> so both pc's can connect the internet.
> How can someone on the internet find the P2 were an FTP server is
> running on IP 192.168.0.X
> ipmasqadm is already installed / updated
Use something like this:
/usr/sbin/ipmasqadm portfw -a -P tcp -L <your external ip> 21 -R
192.168.0.X 21
/usr/sbin/ipmasqadm portfw -a -P tcp -L <your external ip> 20 -R
192.168.0.X 20
Port 20 is for ftp-data.. check you /etc/services file to see what ports
ftp uses. I don't really know if ftp uses udp.. I don't
think so, but if it doesn't work try to add these lines:
/usr/sbin/ipmasqadm portfw -a -P udp -L <your external ip> 21 -R
192.168.0.X 21
/usr/sbin/ipmasqadm portfw -a -P udp -L <your external ip> 20 -R
192.168.0.X 20
Of course your firewall needs to accpet connections on port 20 and 21..
If you're getting a dynamic IP address every time you connect to the net
it can be difficult to set the external ip address using
ipmasqadm.. You can use the following command to get your external IP
address:
(This is if ppp0 is your external interface)
ifconfig ppp0 | grep inet | cut -d : -f 2 | cut -d \ -f 1
You can then add something like this to your /etc/ip-up script to
automate the whole thing:
-----------------------------------------------------------
ip=`ifconfig ppp0 | grep inet | cut -d : -f 2 | cut -d \ -f 1`
/usr/sbin/ipmasqadm portfw -a -P tcp -L $ip 21 -R 192.168.0.X 21
/usr/sbin/ipmasqadm portfw -a -P tcp -L $ip 20 -R 192.168.0.X 20
------------------------------------------------------------
Quote:> but i cant figure out wich rules must be added to redirect te port 21
> calls, and if those rules must come for or after de rules that setup
> masquarading
The rules should be entered after you set the IPMASQ rules I guess..
Actually I don't think it matters at all if they come before or after.
Quote:> Thx in advance
> Greetz Twilight
--
by