[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SuSEFirewall doesn't work?



Hi, thanks for answering.

El Martes, 11 de Mayo de 2004 17:53, Tom Kramer escribió:
> 
> > -----Original Message-----
> > From: Manuel Balderrábano [mailto:garibolo@xxxxxxxxxx] 
> > Sent: Tuesday, May 11, 2004 5:42 PM
> > To: suse-security@xxxxxxxx
> > Subject: Re: [suse-security] SuSEFirewall doesn't work?
> > 
> > Hi.
> > 
> > Please, please, please... Can anyone tell me how to use PAT 
> > under SuSEFirewall2?
> > 
> > Sorry for using this thread to ask this, but Tom mentioned it 
> > and I got nervous because I have been trying it for a while. 
> > In the end, used squid for apache, but I found nothing for 
> > ssh and cvs, so that I have to check the firewall along with 
> > both the ssh , the cvs and snort logs.
> 
> I don't know what you want to do exactly but check this:
> 
> http://www.sun.com/bigadmin/content/submitted/squid_proxy.html

What I need is to redirect all incoming connections on port 80 to another 
computer on the DMZ.

> 
> Maybe this is the answer you are looking for:
> 
> "....
> 
> You probably have a more sophisticated NetFilter setup. However, there is
> one line that you need to redirect inbound traffic on port 80 to Squid on
> port 3128:
> 
> iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT
> --to-ports 3128

I do that just by using port 80 on squid, but I would need to do something 
like:

 iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT
 --to-host X.Y.Z.T

(I made up that --tol-host rule)

Regards.

> 
> ...."
> 
> 
> -- 
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
> 
> 

-- 
---------------------------------------------------------------------------------
Manuel Balderrábano

e-mail: garibolo@xxxxxxxxxx
---------------------------------------------------------------------------------


--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here