How to make a redirecting ?
I have a RedHat 7.2 PC, which is configured as firewall, using ipchains. I have an internal network 192.168.x.x/255.255.0.0, which this firewall is protecting. The firewall has multiple real IP addresses ( done with aliasing ).
I also have a WEB server, which is connected to my external network ( let's assume it has ip address 212.111.111.111 ).
I want to connect the WEB server to the internal network and to add its IP address as another alias in the firewall and somehow to make redirection. Assuming the internal IP address of the WEB server will be 192.168.0.5.
So, the firewall will have the real IP address of my WEB server (212.111.111.111) and should redirect all the incoming packages on port 80 to 192.168.0.5:80.
My question is how can I make it with ipchains or another tool.
I also have a WEB server, which is connected to my external network ( let's assume it has ip address 212.111.111.111 ).
I want to connect the WEB server to the internal network and to add its IP address as another alias in the firewall and somehow to make redirection. Assuming the internal IP address of the WEB server will be 192.168.0.5.
So, the firewall will have the real IP address of my WEB server (212.111.111.111) and should redirect all the incoming packages on port 80 to 192.168.0.5:80.
My question is how can I make it with ipchains or another tool.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks hnminh, I will try this solution
if you're using ipchains, download, install and use the tool ipmasqadm. I haven't used RH 7.2, so I am assuming that this tool works with it.
Then, you can forward all web requests from 212.x.x.111 to 192.168.0.5
download the tool here:
ftp://ftp.redhat.com/pub/contrib/libc6/i386/ipmasqadm-0.4.2-4.i386.rpm
incorporate this into your existing firewall script:
ipmasqadm portfw -a -P tcp -L 212.111.111.111 80 -R 192.168.0.5 80
Then, you can forward all web requests from 212.x.x.111 to 192.168.0.5
download the tool here:
ftp://ftp.redhat.com/pub/contrib/libc6/i386/ipmasqadm-0.4.2-4.i386.rpm
incorporate this into your existing firewall script:
ipmasqadm portfw -a -P tcp -L 212.111.111.111 80 -R 192.168.0.5 80
ASKER
Thanks to escheider also, I will try
ASKER
To escheider :
When I try to use ipmasqadm I am receiving this error :
portfw: setsockopt failed: Invalid argument
When I try to use ipmasqadm I am receiving this error :
portfw: setsockopt failed: Invalid argument
ASKER
Also when I try to run : ipmasqadm portfw -l to see if something has happened I am getting this :
portfw: setsockopt failed: Invalid argument
Could not open "/proc/net/ip_masq/portfw"
Could not open "/proc/net/ip_portfw"
Check if you have enabled portforwarding
How to enable the portforwarding
portfw: setsockopt failed: Invalid argument
Could not open "/proc/net/ip_masq/portfw"
Could not open "/proc/net/ip_portfw"
Check if you have enabled portforwarding
How to enable the portforwarding
$iptables -t nat -A PREROUTING -p tcp --destination-port 80 -s 0/0 -d 212.111.111.111 -j DNAT --to-destination 192.168.0.5:80
someone please correct me if we should use OUTPUT chains instead!!!