[TriLUG] ip_forward questions

mhrivnak mhrivnak at triad.rr.com
Mon Sep 29 18:31:41 EDT 2003 

I use the following iptables rules to forward a port for VNC.  You may
notice that the guide you are reading is over three years old, written when
ipchains was used.  It has been replaces with iptables, which I consider
more complicated but amazingly powerful.  There are a number of kernel
options related to the functionality of iptables. 

iptables -A FORWARD -i eth0 -o eth1 -p tcp --dport 5900 -j ACCEPT 

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5900 -j DNAT / 
 --to-destination 192.168.1.2 

I suggest chewing on "man iptables" for a while.  Looking at examples helps
a lot. 

Michael 

-- 
Open WebMail Project (http://openwebmail.org) 

---------- Original Message ----------- 
From: Mike Mueller <linux-support at earthlink.net> 
To: trilug at trilug.org 
Sent: Mon, 29 Sep 2003 17:02:49 -0400 
Subject: [TriLUG] ip_forward questions 

> CONFIG_IP_FORWARD no longer exists in .config for 2.4.18+ and 
> 2.2.19+. IP forwarding is now controlled with
/proc/sys/net/ipv4/ip_forward. 
> 
> This exerpt from "Linux Dialin Server Setup Guide" 
> 
> (http://www.swcp.com/~jgentry/pers.html) confuses me because it 
> suggests ip_forwarding is still an individual kernel option.  (I 
> don't think this is the case however because searching on "FORWARD" 
> in /usr/src/linux/.config is fruitless) 
> 
> If you intend to use your dialin server as a gateway for dialin 
> clients, you will need support for IP forwarding in your kernel. 
> Unless you did a custom install of the OS, IP forwarding is probably 
> supported. To check, see if the file /proc/sys/net/ipv4/ip_forward 
> exists. If it does, IP forwarding is supported in your kernel. 
> 
> Can anybody explain the apparent change and why it was put into 
> effect?   
> -- 
> Mike Mueller 
> 324881 (08/20/2003) 
> Make clockwise circles with your right foot. 
> Now use your right hand to draw the number "6" in the air. 
> -- 
> TriLUG mailing list        : http://www.trilug.org/mailman/listinfo/trilug

> TriLUG Organizational FAQ  : http://trilug.org/faq/ 
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ 
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc 
------- End of Original Message -------

More information about the TriLUG mailing list