Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Bob Jenner on August 20, 2001, 01:14:30 AM

Title: ipchains
Post by: Bob Jenner on August 20, 2001, 01:14:30 AM

I would like someone to tell me what I am doing wrong.

I have setup my aliased network interfaces, setup port forwards on them with commends like:

/sbin/ipmasqadm portfw -a -P tcp -L 63.194.15.205 80 -R 192.168.1.251 80

Setup IP chains to allow with commands like:

/sbin/ipchains --allow input

/sbin/ipchains --append input -p tcp -s 0/0 80 -d 63.194.15.205 80 -j ALLOW

But I can't get the darn thing to work (and I REALLY nedd it to!)
Any and all comments are welcome!!

Thanks,

Bob

Title: Re: ipchains
Post by: Bob Jenner on August 20, 2001, 01:59:04 AM

Further:
A review of the logs indicates an error:
"No target by that name". If the "target" is the name of the chain, the name "input" DOES exist. What am I doing wrong???

Thanks!

Bob

Title: Re: ipchains
Post by: Graeme Robinson on August 20, 2001, 04:37:56 AM

you should use the ip forwarding contrib - see the list of contributed HOTWOS.  That should give you enough to proceed with.

Title: Re: ipchains
Post by: Bob Jenner on August 20, 2001, 08:57:08 AM

I can't use the contrib, as it only supports one ip address, and I have several internal web servers to support, all of which must use port 80.