[ale] Access to port

[Joe]

Rick Brubakken wrote:
> 
> Ok, Ok, Stupid is as stupid does....
> 
> A few months ago I set up a firewall on my home Linux box ( RH6.1 ) using
> masquerading and ipchains.  Everything is working fine.
> 
> But now I have installed some video software on one of the Win boxes that
> allows me to view my camera images remotely.  Everything works fine from
> machine to machine behind the firewall.
> 
> But now I need to access a port that is running on the Win machine and to
> be honest, I don't have a clue on how to do that.  I would think that
> somewhere I would need to enable the firewall to let me have access to the
> port?

In other words, you want to be able to access a particular port on
the Win machine on your internal network from outside in Internet-land?

I think you should read the "ipmasqadm" man page, assuming you're
running kernel 2.2. Basically what you need is something like

# Forward connections to the firewall port to the internal machine.
ipmasqadm portfw -a -P tcp -L <firewall-addr> <fw-port> \
          -R <internal-addr> <internal-port>

Then connections to <fw-port> on the firewall will be redirected
to <internal-port> on the internal machine.

You may need additional ipchains rules to explicitly allow packets
into and out of the firewall on the indicated port; that aspect is
not totally clear to me.

Alternatively, if you only need this at particular times and for
short periods, you could use SSH's portforwarding facility to
securely access the Win machine from somewhere out in net-land,
provided there's an SSH daemon running and accessible on the firewall.

HTH,

-- Joe
 
> Any suggestions?
> 
> Thanks
> 
> Rick
> 
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

-- Joe Knapka
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.