sslug-teknik team mailing list archive
-
sslug-teknik team
-
Mailing list archive
-
Message #06712
Re: Portkonvertering p�irewall
Det kan fint lade sig gøre. Jeg kender kun til de nye 2.2-kerner og ved, at det
foregår lidt anderledes med 2.0-kernerne. Nedenfor lidt fra hjælpeteksten til
2.2-kernel konfigurationen.
CONFIG_IP_MASQUERADE_IPPORTFW: ³
³ ³
³ Port Forwarding is an addition to IP Masquerading which allows some ³
³ forwarding of packets from outside to inside a firewall on given ³
³ ports. This could be useful if, for example, you want to run a web ³
³ server behind the firewall or masquerading host and that web server ³
³ should be accessible from the outside world. An external client ³
³ sends a request to port 80 of the firewall, the firewall forwards ³
³ this request to the web server, the web server handles the request ³
³ and the results are sent through the firewall to the original ³
³ client. The client thinks that the firewall machine itself is ³
³ running the web server. This can also be used for load balancing if ³
³ you have a farm of identical web servers behind the firewall. ³
³ ³
³ Information about this feature is available from ³
³ http://www.monmouth.demon.co.uk/ipsubs/portforwarding.html (to ³
³ browse the WWW, you need to have access to a machine on the Internet ³
³ that has a program like lynx or netscape). For general info, please ³
³ see ftp://ftp.compsoc.net/users/steve/ipportfw/linux21/ ³
³ ³
³ You will need the user space program "ipmasqadm" which can be ³
³ downloaded from http://juanjox.linuxhq.com/ ³
---
Hej,
Jeg vil gerne i kontakt med en linuxbox der har en privat ipadresse og som
sidder bag en firewall. Jeg tænkte på om man ikke kunne lave noget smart
med firewallen så når man connectede sig på f.eks. port 9999 så
'videresendte' den forspørgslen til en anden ipadresse og port, f.eks.
10.10.10.2:80 (Så kan jeg nemlig se intranettet fra internettet)
Hvordan gør man det hvis det er muligt.??
References
