Topic: Port Open + Forward

[John]

I have 5.6 installed server / gateway.  I want to open and forward port 2345 and 3389 to my Windows Server on my local network.  Is this the correct syntax..because it ISN'T WORKING for me.  Thank you.

 /sbin/ipchains --append input -p tcp -s 0/0 -d $OUTERNET 2345 -j ACCEPT
    /sbin/ipchains --append output ! -y -p tcp -d 0/0 -s $OUTERNET 2345 -j
ACCEPT
    ipmasqadm portfw -a -P tcp -L $OUTERNET 2345 -R 172.16.1.2 25

 /sbin/ipchains --append input -p tcp -s 0/0 -d $OUTERNET 3389 -j ACCEPT
    /sbin/ipchains --append output ! -y -p tcp -d 0/0 -s $OUTERNET 3389 -j
ACCEPT
    ipmasqadm portfw -a -P tcp -L $OUTERNET 3389 -R 172.16.1.2 25

I have them in /etc/e-smith/templates-custom/etc/rc.d/init.d/masq with one named 45AllowTS and 45AllowTW

I then do a "/sbin/e-smith/signal-event remoteaccess-update" and it is as thou I accomplished nothing.

I know this is a worn out topic and after spending 4 days searching and using many variations, I still can't get it working.

Thanks guys,
John

[Byte]

Why dont you use the Port Open Contrib found over at http://wiki.contribs.org

[John]

One of the many things i tried that did not function.

[Byte]

one thing I can see why it doesnt work is that you are using ipchains when 5.6 is iptables

[John]

do i just change replace all "ipchains" with "iptables" ??

[Michael Smith]

Strange that the portforwarding contrib didn't work for you ... it's worked for me, and for many others.  You might consider upgrading to 6.0b3 ... it has portforwarding built in.

[Charlie Brady]

John wrote:

> One of the many things i tried that did not function.

Not surprising since (as I keep saying) the Port Opening contrib does nothing useful.

Use (the correct version of) the port forwarding add-on. It'll open and forward the ports that you tell it to. As Michael says, 6.0beta includes port forwarding in the manager.

Charlie

[John]

Charlie Brady wrote:
>
> John wrote:
>
> > One of the many things i tried that did not function.
>
> Not surprising since (as I keep saying) the Port Opening
> contrib does nothing useful.
>
> Use (the correct version of) the port forwarding add-on.
> It'll open and forward the ports that you tell it to. As
> Michael says, 6.0beta includes port forwarding in the manager.
>
> Charlie

I would love to run the beta, a matter of fact I intalled it twice.. 6.3 all updates... I have a problem with that too.. didn't try the port forwarding.. LISTEN to this:

I host multiple domains/websites.  No matter which of my urls I through in the browser I get the primary or default domain/ibay displaying its html.  

Anyone?

[Michael Soulier]

John wrote:
>
> I would love to run the beta, a matter of fact I intalled it
> twice.. 6.3 all updates... I have a problem with that too..
> didn't try the port forwarding.. LISTEN to this:
>
> I host multiple domains/websites.  No matter which of my urls
> I through in the browser I get the primary or default
> domain/ibay displaying its html.

After installing 6.0b3, (there is no 6.3) you should apply all updates. We fixed that problem some time ago.

Mike

[Klaus Eckert]

why so complicated?
first: do not change any config-files manually, modify the templates instead.
second: the portopening/portforwarding-contribs work fine for me.
third: if you open a port, you have to forward it too

cheers klaus

[Alejandro Lengua]

mm...
I have installed portforwarding and packetfiltering in my SME 5.6 BOX
and it seems to be not working yet. The interface panel works, however
it seems to be not redirecting any traffic at all.

I am trying to forward ports 25,110, and 80; and I have also installed the
contrib that allows to stop unwanted services. The reason of this was
to keep included smtp/pop3 services from answering to those ports.

I would use SME 6 Beta, but I need to route a second "local"
LAN to Internet, as well as make use of PPTP service and SARG reports,
and I am afraid that the current available contribs are not compatible with
SME 6.0

Any suggestions?

Regards
Alejandro Lengua

[Klaus Eckert]

Alejandro Lengua wrote:
>
> mm...
> I have installed portforwarding and packetfiltering in my SME
> 5.6 BOX
> and it seems to be not working yet. The interface panel
> works, however
> it seems to be not redirecting any traffic at all.

use the port-opening contrib to open the port.
you cannot forward a port that is not opened.

[Alejandro Lengua]

I am trying to forward ports 25 and 110 that are supposed to be open
by default.

I wonder if it is necessary to run this
/sbin/e-smith/signal-event post-upgrade

I don´t remember having done so.

[Alejandro Lengua]

I found some documentation for SME55, and it seems to be simpler on SME,
just do something like this

>>>>>>>>>>

SME 5.5

Use port forwarding to forward traffic from the relevant TCP/UDP ports
from the SME box to a PC inside your own network.

[root@e-smith ]# ipmasqadm portfw -a -P tcp -L SME_IP  4661 -R PC_IP 4661
[root@e-smith ]# ipmasqadm portfw -a -P tcp -L SME_IP  4662 -R PC_IP 4662
[root@e-smith ]# ipmasqadm portfw -a -P tcp -L SME_IP  4663 -R PC_IP 4663
[root@e-smith ]# ipmasqadm portfw -a -P udp -L SME_IP  4665 -R PC_IP 4665

List your port forwardings to make sure that your entered the information
correctly.

[Alejandro Lengua]

Yes SME 6,  includes port-forwarding however it seems that it don´t forward
ports 80, 25 and 110.