ipchains, iptables, ipmasqadm .... I′m confused

ipchains, iptables, ipmasqadm .... I′m confused

Post by Agustin Chernitsk » Sun, 24 Jun 2001 00:31:42



Hi all,

This is quite simple: I have RH 7 installed as a gateway with two NICs. I
was reading that in order to porform IP forward and NAT, I had to install
IPCHAINS. Up to there, no problems. The problem comes when I have to do some
port mappings.

Ie, I have my mail server in my internal IP 192.168.0.120. So, I have to
forward all paquets 25 / 110 to that IP. From what I read, IPChains doesnt
provide that function. It seems that I need another paquet called ipmasqadm.
Also iptables does the same....

Can someone tell me what to use? or if all the features are in IPChains and
I dont know how... Maybe an explanation of what RPM does what...

Thanks!!

--
Thanks,

Agustin Chernitsky.

 
 
 

ipchains, iptables, ipmasqadm .... I′m confused

Post by Ian Jone » Sun, 24 Jun 2001 06:41:19


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Quote:

> This is quite simple: I have RH 7 installed as a gateway with two NICs. I
> was reading that in order to porform IP forward and NAT, I had to install
> IPCHAINS. Up to there, no problems. The problem comes when I have to do
> some port mappings.

> Ie, I have my mail server in my internal IP 192.168.0.120. So, I have to
> forward all paquets 25 / 110 to that IP. From what I read, IPChains
> doesnt provide that function. It seems that I need another paquet called
> ipmasqadm. Also iptables does the same....

> Can someone tell me what to use? or if all the features are in IPChains
> and I dont know how... Maybe an explanation of what RPM does what...

My 2 cents:
Blow off RPM's completely when you are dealing with the kernel. If you have
to learn this stuff, don't cripple yourself learning the older, depricated
software.

Go to www.kernel.org and get the latest *stable* kernel sources. Go to
netfilter.samba.org and get the latest netfilter (iptables) sources. Build
the two as per the README's and read the included documentation. Everything
you need is in there. Of course the above course of action involves a bit
of a learning curve...you up for it?

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
Comment: Making the world safe for geeks.

iQA/AwUBOzO7fcAVSpfzXItKEQK45ACfY+55RIDPlaDroTGP1KxhU937zREAn0SL
m1ildQ+HUbsoks61ioYsH6M5
=Xplj
-----END PGP SIGNATURE-----

 
 
 

ipchains, iptables, ipmasqadm .... I′m confused

Post by Dean Thompso » Mon, 25 Jun 2001 11:33:22


Hi!,

Quote:> This is quite simple: I have RH 7 installed as a gateway with two NICs. I
> was reading that in order to porform IP forward and NAT, I had to install
> IPCHAINS. Up to there, no problems. The problem comes when I have to do
> some port mappings.

> Ie, I have my mail server in my internal IP 192.168.0.120. So, I have to
> forward all paquets 25 / 110 to that IP. From what I read, IPChains doesnt
> provide that function. It seems that I need another paquet called
> ipmasqadm. Also iptables does the same....

Correct, you will have to use ipmasqadm or another program called "redir" to
redirect your connections from the outside host to the inside host.  The
program "iptables" is built to work with the 2.4 kernel family, which probably
knocks it out of contention for you.  Additionally, ipchains also doesn't
provide the facility you are looking for.

You might want to do a search on http://www.rpmfind.net for "redir" or
"ipmasqadm" to get either package.  I personally, prefer "redir" as it is easy
to use.

See ya

Dean Thompson

--
+____________________________+____________________________________________+

| Bach. Computing (Hons)     | ICQ     - 45191180                         |
| PhD Student                | Office  - <Off-Campus>                     |
| School Comp.Sci & Soft.Eng | Phone   - +61 3 9903 2787 (Gen. Office)    |
| MONASH (Caulfield Campus)  | Fax     - +61 3 9903 1077                  |
| Melbourne, Australia       |                                            |
+----------------------------+--------------------------------------------+

 
 
 

1. I'm confused with ipchains/iptables on Redhat 7.2

I have the server RH installed kernel version 2.4.7-10.
It appears to be using ipchains because when I do a lsmod ipchains appears in
the list.  But I thought iptables was the default for RH 7.2.

I'm using pmfirewall to configure the it and it allows the web and chat traffic
thru so I'm happy with it.
BUT now I want to do some port forwarding and am not having any success.
I need to forward port 2047 and 8888 one of my internal machines but I'm lost.

So if someone could tell me which direction  to go with this I'll follow up with
more specifics.

Thanks,
darwin

2. How to increase MAXSYMLINKS?

3. REDIR/IPMASQADM/IPCHAINS

4. Searching for ...

5. ipchains && ipmasqadm portfw

6. phplib + PAM + suExec?

7. ipchains - ipmasqadm

8. Networking an old PC

9. Problems with ipchains/ipmasqadm configuration on firewall

10. ipmasqadm & ipchains

11. Web Server Firewall: IPCHAINS + IP Aliasing + ipmasqadm ?

12. Kernel 2.2.1:IPCHAINS:IPPORTFW:IP port forwarding: IP Masq: ipmasqadm

13. Using ipchains AND ipmasqadm in kernel 2.4.x ?