Topic: Help sme server as configured to operate as a firewall and gateway

[xavier]

sme server configuration for gateway and firewall
for connection to an internal pc serving remote desktop

[Stefano]

xavier, please read the documentation, all you need to know is there..

also, ask in the spanish language forum

thank you

[xavier]

problem in the configuration, help

in server-manager
----------------port forwarding
----rule     
protocol  TCP
source port 3389
target host ip 192.168.1.100
destination port 3389

port is not open and is not a gateway for connection

where reviewing firewall rules, and open or closed ports
in /sbin/iptables  =  data unreadable
in /etc/rc.d/init.d/masq   = rule port forwarding not visible

in tutorial
eg to leave open some ports ie 222 & 2000-2010, block in ranges
config setprop masq TCPBlocks 0.0.0.0/0:1-221,0.0.0.0/0:223-1999,0.0.0.0/0:2011-65535

Update the config changes and restart masq
signal-event remoteaccess-update
/etc/init.d/masq restart

this rule's okay port 22 and 3389 or wrong
config setprop masq TCPBlocks 0.0.0.0/0:1-21,0.0.0.0/0:23-3388,0.0.0.0/0:3390-65535

otherwise but already exist template default or system
Create a custom template and list the IP's
mkdir -p /etc/e-smith/templates-custom/etc/rc.d/init.d/masq/
pico -w /etc/e-smith/templates-custom/etc/rc.d/init.d/masq/40DenyRiffRaff
/sbin/iptables -A INPUT -s 69.212.12.76/32 -j DROP
/sbin/iptables -A INPUT -s 88.28.215.11/32 -j DROP

expand and restart
/sbin/e-smith/expand-template /etc/rc.d/init.d/masq
/etc/init.d/masq restart

which would be a correct rule for ports 22 and 3389
help where you can review and configure firewall rules, thanks.......

[janet]

xavier

PLEASE DO NOT POST THE SAME QUESTION TWICE IN DIFFERENT FORUM THREADS.

See answer in other thread at
http://forums.contribs.org/index.php/topic,46647.msg229156.html#msg229156

[cactus]

Locking this thread, please follow up in the thread mentioned in above post.