From: /dev/null (dev-null@home.com)
Date: Wed Feb 07 2001 - 11:38:38 PST
yes, these interfaces are on one machine, Linux box.
eth0 - interenet
eth1 - LAN
A computer on my LAN (192.168.1.5) has some VPN software.
The VPN server resides on the Internet (x.y.z.12).
I want to pass all packets from 192.168.1.5 through the firewall to the
internet
I want to pass all packets from x.y.z.12 through the firewall to 192.168.1.5
is there a way to do this with ipchains?
How?
/dev/null
dev-null@home.com
----- Original Message -----
From: "MaD MaN" <joelf@ptd.net>
To: <pmfirewall@pointman.org>
Sent: Wednesday, February 07, 2001 1:37 AM
Subject: Re: [pmfirewall] 2 way communication w/ ipchains
> I am having a bit of a problem trying to figure out what you are talking
about
> here. These interfaces are in the same machine?? Why are do you want to
MASQ
> both of them?
>
> joel
>
> /dev/null wrote:
>
> > I have one machine (192.168.1.5) on eth1 that I need _all_ internet
traffic
> > from one outside server (x.y.z.12) on eth0 to be directed to. I tried
> > setting this up:
> >
> > ipchains -A forward -i eth0 -s 192.168.1.0/24 -j MASQ
> > ipchains -A forward -i eth1 -s x.y.z.12/32 -d 192.168.1.5/32 -j MASQ
> >
> > Well, web pages from the general inet work fine with this, but for some
> > reason connections coming in from .12 are not forwarded on to the
correct
> > machine. How can I tell ipchains to masq all traffic coming in from .12
to
> > .5?
> >
> > Basically .5 initiates a connection but .12 can't initiate any
connections
> > back to .5.
> >
> > Thanks!
> >
> >
****************************************************************************
> > * To UNSUBSCRIBE from the list, send a message with "unsubscribe
pmfirewall"
> > * in the message body to majordomo@pointman.org. Please direct other
> > * questions, comments, or problems to pmfirewall-owner@pointman.org.
> > *
> > * Need answers fast? Check the list archive located at:
> > * http://www.pointman.org/PMFirewall/list-archive/
> > *
>
> --
> Check it out one time!!
>
> http://www.VisualStimulation.com
>
>
>
****************************************************************************
> * To UNSUBSCRIBE from the list, send a message with "unsubscribe
pmfirewall"
> * in the message body to majordomo@pointman.org. Please direct other
> * questions, comments, or problems to pmfirewall-owner@pointman.org.
> *
> * Need answers fast? Check the list archive located at:
> * http://www.pointman.org/PMFirewall/list-archive/
> *
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe pmfirewall"
* in the message body to majordomo@pointman.org. Please direct other
* questions, comments, or problems to pmfirewall-owner@pointman.org.
*
* Need answers fast? Check the list archive located at:
* http://www.pointman.org/PMFirewall/list-archive/
*
This archive was generated by hypermail 2b29 : Sun Jun 10 2001 - 02:39:21 PDT