Topic: Port forwarding on sme 6.0

[Eli]

I need some help on using the port forwarding feature on sme 6.0.
Where it says protocol there are two choices, tcp and upd what do they mean?
Source ports what do I put here?
destination host ip. That would be the web server ip, correct?
destination port what do I put here?

I had already tried myself. port 80 is blocked so I tried port 8080, but it didn't work. It seems I didn't do it right, I didn't understand it anyway.

[rick]

You might do better if you explain exactly what it is you want to do with the port forwading. I use the port forwarding and it works as it should, to route external i.p. to internal networks. An example of this is remote desktop in windows xp, which I use from work to home. The settings are as follows, the source ip is my external i.p. at work, the destination i.p. is the i.p. address on my internal network, tcp is the protocol, and the port is the port that remote desktop uses to operate.
For example, My source i.p. 203.123.123.123 my internal i.p. 192.168.123.123 port is 3389 (the i.p.'s are just an example, substitute with whatever you have) This results in any request from my external i.p. at work via port 3389 being able to access the internal network at home. This has nothing to do with port 80 being blocked by your isp, if you are tring to run a webserver and redirect requests to port 80, that's a different issue

[Eli]

Yes, I am trying to run a web server but my isp is blocking port 80. So I wanted to redirect to another port. Can this be done? If so Please tell me how.

Thanks for the help.

[Andrew Gray]

Here is another example and explaination:

My home e-smith box runs as a dialup gateway to the internet.  It gets a dynamic IP assigned to it from the isp, eg 203.12.46.50, but I have an internal network which my personal computer lives on, it has an ip address of 192.168.0.77.  The e-smith box is also on this internal network with IP address 192.168.0.254

now I play games on my pc, but I need port 12456 visible to the internet, so I go to my linux box, enter the port forwarding details as follows:

Protocol: TCP
External Port Number: 12456
Destination IP address: 192.168.0.77
Destination IP address: 12456

this means that any packet arriving at the e-smith box at port 12456 will get forwarded to port 12456 on my pc (ip address 192.168.0.77).  So when the game is running, and my friends try to connect to me over the internet, they connect to me through my linux box.  

The external port and destination port don't have to be the same.  I could specify an external port of 8000 and a destination IP of 192.168.0.77 and destination port of 80 and run a web server on my pc (ip address 192.168.0.77) on port 80 and then whenever someone tries to access the web on my linux box on port 8000, it will actually go to my pc on port 80.  Get it yet?

The different between UDP and TCP is this.  They are simply two different protocols.  Most applications use TCP.  This is almost exclusively.  Very few things use UDP.  TCP stands for transmission control protocol.  It's a protocol which ensures that if a packet is sent, it will arrive at the destination.  UDP doesn't do this, so it's not as good, but the advantage of UDP is there is less overhead when transmitting packets.  Usually, you'll be pretty safe using TCP since most things use this.  It'll probably say somewhere if it is using UDP. just stick to TCP for now.

Hope this helps and makes sense.

- Andrew Gray

[guestHH]

YFYI a new portforwarding rpm has been released.

[Eli]

Thanks very much for your help. I understand it perfectly now.

-Eli

[ProStar]

Hello,

I would like to go back to the original question of Eli ... I have the same problem (being my ISP blocking port 80) and would also like to put my webserver on another port (e.g. 8080).

With the information available on the forums I've tried to change my apache configuration to listen on port 8080, but did not succeed in this (I used both v5.6 and v6.0b2). All information is or old, or does not work.

An alternative solution for this seems to be using portforwarding (like Eli suggested), but only on the external interface (so from one port (e.g. 80) on the external interface to another port on the external interace(e.g. 8080)).
I perfectly understand that this is not the normal situation, but the ssh way of redirecting/tunneling ports makes this perfectly possible.
Another advantage of this is that you avoid a lot of problems: internal DNS problems (with a dynamic DNS you can re-route ports, but not with internal DNS), security configurations (e.g. some security issues with the server manager), etc.
This way of working seems to me like the most simple AND best solution to deal with a ISP blocking you ports ... easy configuration, default behaviour, ...

So, my questsion is:
- Is this possible with the portforwarding panel? To my experience it is not, but I could have done something wrong ... If not, can it be adapted so that this would work?
- Can this be achieved in another way?

[Craig Foster]

Try using a port-forwarding contrib for TCP port 81 (or whatever you want to use) and use  "$OUTERNET" (with no quotes) as the desitination address and port 80 as the destination port

This has been covered before, I;d suggest you use the search for more info.

[Eli]

I can't get it working let me write what I think I have to do and then someone please correct me.

First I setup "www" to global and put my external ip from review configuration into local and global ip (i was told I don't need to put any local ip in). I have already setup an account with dyndns.org and I set it up on the server. Then I found out it wasn't working because my isp has blocked port 80. So I set up port forwarding. Which goes like so.
Protocol:Tcp
Source Port:80 and then my external ip or would that be my server's internal ip? Both ips bring my webpage up.
Destination Port:80.

[Eli]

I there any one that can help me?

[Tim]

it doesn't help to forward port 80 - it is blocked so no one will every hit that rule.    You have to forward some other port  - 81 for example - back to port 80 once it gets to your server.

[jor70]

YFYI a new portforwarding rpm has been released.

Can someone point me to this rpm ?
thks

[mbachmann]

Search for e-smith-portforwarding-0.1.0-31.noarch.rpm. But if you do not basically understand what Andrew or Rick are trying to explain, this would not be much help to you. All you get with the pf contrib is a nice html screen to enter/save values like

Protocol    
Source Port(s)    
Destination Host IP Address    
Destination Port(s)