Topic: packet redirectors

[pcc]

question:  how do i redirect packets from the Internet to another computer on my internal network?

ex.  my e-smith box has an external IP of 209.209.209.?, internal IP of 192.168.1.1.  i have an internal FTP server with the address 192.168.1.2 port123.  i want to reroute the incoming packets for the internal FTP server.

thnks.

phillip

[tommy]

Isn't this just port forwarding?

I'm new to e-smith and not sure what exactly ships with it.


Tommy

[pcc]

tommy wrote
> Isn't this just port forwarding?

yes, just like port forwarding.  

i've found some documentation about IPMASQADM and IPPORTFW  , except that it says that i need to recompile the linux kernel to support IPPORTFW.

e-smith doesn't ship with any compilers, so i can't use it.  any other suggestions to get e-smith to do port forwarding?

thanks for the help, much appreciated

phillip

[cryblood]

I am currently experimenting with IPMASQADM to forward to an M$ Exchange server.  I haven't yet gone "live" with it because it's my arse if it doesn't work and the Head Cheese around here notices 3 seconds of downtime where e-mail is concerned. ( Why I am forced to put up with Exchange is a LONG story)  Anyway, I can currently telnet to port 25 or port 110 on my e-smith box's IP address and magically it says it is running Exchange! (ie, i'm really on port 25 or 110 of the Exchange server).

My experiance with IPMASQADM has been a fairly nice one, once past the initial learning curve typical of Linux software packages (ie shortness and vaugeness of docs) I got it up and running in short order. (I'm just too chicken to implement it right this second)  I personally downloaded the RPM in binary form to get around having to compile (my dog ate my production Linux box)  and it comes with the kernel module and other software needed.  A quick edit of the templates and away I went!  I personally used the masq config file because that is where e-smith is putting the ipchains rules etc.  

Feel free to e-mail me for any more info, I'll try to help in any way I can.

I thought about submitting it as a contribution once i'm sure it works as good as I would want it to. (plus I wanted to look up the rules for contrib as I had nothing to do with the writing or supporting of IPMASQADM)

[cryblood]

Just an update.

I have in fact gone live with the port forwarding to the Exchange server.  Wow does this look weird on a port scan!   I looks just like the e-smith is running M$ Exchange Server!  Microsoft boy (boss) is thrilled to have it because for some reason Exchange crapped and stopped listening to it's "outside" IP! now, the e-smith box is doing that for it!

I kinda feel like I just went to a wedding where someone just married their ugly cousin!

[Joseph Morrison]

cryblood wrote:
> I kinda feel like I just went to a wedding where someone just
> married their ugly cousin!

Nice metaphor I wanted to mention that e-smith 4.0 has a feature that allows you to accomplish this without using port forwarding. It has a setting in the user interface that causes qmail to forward any email for the local domain to another local server.

This might be a bit more secure than port forwarding, and avoids those pesky marital squabbles

- Joe

[cryblood]

Thanks Joseph, I haven't had the time to dig into e-smith 4 yet,  I may set it up at home sometime soon (no time... no time... where do the time go?....)  but now that we have it all up and running at work I doubt that Micro$oft boy's heart could take it if I even mentioned wanting to use a newer version and even with his unnatural (Micro$oft) leanings, he's generally a good guy and I wouldn't want to cause him that kind of upset.

Besides, I am under the impression that for some reason since the mail at work comes in from a corporate server it is setup to work only with an Exchange server.  It sounds darn strange to me too... believe me... but by using the port forwarding I was able to make it all work hapily. (hopefully it stays working for a LONG time)

ps... I am looking forward to having the time to setup ver 4 at home and also using it as a print server... I just got me a laser printer and my little woman is getting crabby that she can't print to it too...  I tell her she can, but she always wants to try when I have my system shut off (eg. I'm not home).  Connecting it to the server will be nice!