IPAUTOFW problems (help me please.)

**NEWS FLASH** I'm pretty sure I'm using the WRONG program for this, question now concerns IPPORTFW... see comments below... thank you.

--Original Message--

   I'm trying to get the IPAUTOFW program to forward certain ports on the firewalling machine to ones inside the firewall. I have compiled linux with IP Forwarding on (enabled in etc/sysconfig/network), masquerading on, IPAUTOFW support on. Basically I turned most of the networking tabs on.
   The firewall is working now, I can http/ftp/whatever out of it and get information back, but the ipautofw program just will not work. Here's the commands I used for both ipfwadm and ipautofw.

ipfwadm -F -f
ipfwadm -F -a m -S 192.168.2.0/24 -D 0.0.0.0/0
(also tried ipfwadm -F -m -a (a/m) -S ..., but no luck).

ipautofw -A -r 21 21 -h 192.168.2.2

    See now that should forward it over to the other machine's port 21 right? I've searched the limited base of info related to ipautofw and this was how I was told to set it up, and it makes sense to me? But why the heck isn't it working? Help me soon please, I only have a few days of summer left before I have to go back to school and won't have any time to work on my baby!

jguerinAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
SiegerConnect With a Mentor Commented:
If you are sure you got the patch to install successfully, and you got the kernel to recompile and you got the same problem as I had before, then I am pretty sure the reason  is that you didn't type "lilo" after you recompile as it won't read your newly compiled kernel without doing so.  I just remember to do so during the weekend and i got it to work !!!  Good luck!
0
 
jguerinAuthor Commented:
Edited text of question
0
 
fmismettiCommented:
I have a linux box acting as ip forwarder between my internal network and the internet.

I am using kernel 2.0.35, compiled with ip forward and ip masquerade. Also, I have ipfwadm-2.3.0.

Commands to forward:

ipfwadm -F -p deny
ipfwadm -F -a m -S 10.0.0.0/8 -D 0.0.0.0/0
ipfwadm -F -a m -S 0.0.0.0/0 -D 10.0.0.0/8

All machines inside my net have ip addresses 10.n.n.n and are configured to have the linux box as gateway. In the linux box I have two cards, one in 10.n.n.n and the other with a public ip from the internet and in the same network my physical link to the internet is.

I have no problems at all. Hope it helps you.
0
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

 
fmismettiCommented:
I have a linux box acting as ip forwarder between my internal network and the internet.

I am using kernel 2.0.35, compiled with ip forward and ip masquerade. Also, I have ipfwadm-2.3.0.

Commands to forward:

ipfwadm -F -p deny
ipfwadm -F -a m -S 10.0.0.0/8 -D 0.0.0.0/0
ipfwadm -F -a m -S 0.0.0.0/0 -D 10.0.0.0/8

All machines inside my net have ip addresses 10.n.n.n and are configured to have the linux box as gateway. In the linux box I have two cards, one in 10.n.n.n and the other with a public ip from the internet and in the same network my physical link to the internet is.

I have no problems at all. Hope it helps you.
0
 
SiegerCommented:
What is not working?
What's the setup of your clients?(Windows 95/NT)
0
 
jguerinAuthor Commented:
OK first off I think I'm using the wrong program for this task...
I want to access a computer behind my firewall from outside the firewall. I believe the program I need is ipportfw. I downloaded the source, patches, and other necessary files for ipportfw. I patched the kernel, recompiled, compiled ipportfw, and sent it over to the other machine (compiled on fast linux box and sent to server). I copied the image over, ran  lilo to reload everything, and rebooted. I now get a bunch of problems with ipportfw when I run it.
1) When adding rules, typically get "setsockopt" errors.
2) When viewing the rules, I get "can't open /proc/net/ip_portfw, did you install port forwarding?". This file doesn't exist. WTF do I do about this?
3) When clearing the list, I get another "setsockopt" error, invalid protocol.
Comments, answers?

0
 
SiegerCommented:
I got the exactly the same error when I tried to do this... if you do ipportfw -L to try to get a list, then it will probably say are you sure you installed ipportfw that kinda stupid question..
0
 
jguerinAuthor Commented:
Yep that's the one.
Correction above... When I try to add a rule, it says that the destination is invalid... no matter WHAT I enter. I tried entering 5 different addresses, all of them valid (they exist and are reachable), and the thing still complains!?
Kernel version 2.0.35, all packages downloaded from the Steve guy's homepage. I know SOMEBODY out there has it working ; ).
0
 
jguerinAuthor Commented:
Edited text of question
0
 
JYoungmanCommented:
You could use rinetd from ftp.boutell.com.

0
 
SiegerCommented:
I tried rinetd and get this error message

rinetd: couldn't bind to address 111.222.333.44  port 1723

where 111.222.333.44 is the VPN server..
tried to switch the ip around in the conf file but no luck...

jguerin must be in school already :(
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.