Forwarding with IPFilter on Solaris
From: Andreas Höschler (ahoesch_at_smartsoft.de)
Date: 01/30/04
- Previous message: Bill R. Williams: "SUMMARY: IP Address Alias"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 30 Jan 2004 15:06:16 +0100 To: sunmanagers@sunmanagers.org
Dear managers,
We have setup IPFilter as a firewall and NAT to hide a private subnet
10.0.0.x behind it. This works great. One of the machines in the
private subnet offers a service on port 1508. We would like to make
this service available from the outside world. All traffic to port 1508
sent to the external interface of our Solaris 8 machine should be
forwarded through the internal interface to the machine in the local
subnet with ip address 10.0.0.249. We have googled for a while and
finally added the following lines to the config files (assuming that
62.150.134.74 is the external ip address of the firewall machine with
IPFilter installed).
/etc/opt/ipf/ipnat.conf
rdr dmfe1 62.150.134.74/32 port 1508 -> 10.0.0.249 port 1508
/etc/opt/ipf/ipf.conf
pass in quick on dmfe1 proto tcp from any to any port = 1508 keep state
We expected this to work after doing
ipf -Fa -f /etc/opt/ipf/ipf.conf
ipnat -CF -f /etc/opt/ipf/ipnat.conf
but it did not. Any idea why? Does anybody has a good example for such
a setup.
Thanks a lot!
Regards,
Andreas
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
- Previous message: Bill R. Williams: "SUMMARY: IP Address Alias"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
