Thread: Shorewall Q - how to port forward ?

  1. #1
    Moderator
    Good Guru
    Compunuts's Avatar
    Join Date
    May 2001
    Location
    California
    Posts
    3,935

    Shorewall Q - how to port forward ?

    I want to port forward on the same machine.

    When my friends (who have no access for SSH from their network) point their SSH client to port 443 (to trick proxy servers into treating it as HTTPS traffic), I wanted my firewall to port forward it to port 22 on the same machine with the same interface.

    I'm using shorewall 1.4.8 on Debian and iptables.

    P.S --> I'm reading Shorewall site currently but haven't found what I wanted ATM.

    TIA

  2. #2
    Senior Member
    Join Date
    May 2001
    Posts
    345

    Re:Shorewall Q - how to port forward ?

    From http://shorewall.net/Documentation.htm#Rules
    Example 12. You want to redirect all local www connection requests EXCEPT those to your own http server (206.124.146.177) to a Squid transparent proxy running on the firewall and listening on port 3128. Squid will of course require access to remote web servers. This example shows yet another use for the ORIGINAL DEST column; here, connection requests that were NOT (notice the !) originally destined to 206.124.146.177 are redirected to local port 3128.

    #ACTION   SOURCE  DEST  PROTO  DEST     SOURCE   ORIGINAL
    #                              PORT(S)  PORT(S)  DEST
    REDIRECT  loc     3128  tcp    www      -        !206.124.146.177
    ACCEPT    fw      net   tcp    www

    so, seems to me you could edit that to work for your situation, with something like

    REDIRECT net 443 tcp 22 -

    Worth a shot?

  3. #3
    Moderator
    Good Guru
    Compunuts's Avatar
    Join Date
    May 2001
    Location
    California
    Posts
    3,935

    Re:Shorewall Q - how to port forward ?

    [quote author=vvx link=board=5;threadid=8595;start=0#msg77643 date=1075267010]
    #ACTION   SOURCE  DEST  PROTO  DEST     SOURCE   ORIGINAL
    #                              PORT(S)  PORT(S)  DEST
    REDIRECT  loc     3128  tcp    www      -        !206.124.146.177
    ACCEPT    fw      net   tcp    www

    so, seems to me you could edit that to work for your situation, with something like

    REDIRECT net 443 tcp 22 -

    Worth a shot?
    [/quote]
    Still doesn't work. Connection refused error message. :-\
    I'm gonna look for port to port redirection. If not, I will get another box to take that SSH connection at port 443 and forward it to another box's port 22.

    Thanks VVX anyway.

  4. #4
    Senior Member
    Join Date
    May 2001
    Posts
    345

    Re:Shorewall Q - how to port forward ?

    This rule works for me.

    REDIRECT net 22 tcp 443

    Apparently I had the ports backwards before. (Only works when testing from a machine outside of my lan.. which makes sense as that's what would end up going through shorewall.)

  5. #5

    Re:Shorewall Q - how to port forward ?

    How's about tunnels? gorn wrote a great PET on those-
    http://www.linuxjunior.org/cgi-bin/p...lay&id=106

  6. #6
    Moderator
    Good Guru
    Compunuts's Avatar
    Join Date
    May 2001
    Location
    California
    Posts
    3,935

    Re:Shorewall Q - how to port forward ?

    [quote author=vvx link=board=5;threadid=8595;start=0#msg77650 date=1075284518]
    This rule works for me.

    REDIRECT net 22 tcp 443

    Apparently I had the ports backwards before.
    [/quote]
    Well, I tried that rule also but didn't work.
    (Only works when testing from a machine outside of my lan.. which makes sense as that's what would end up going through shorewall.)
    That was it. I was trying to log in from my own LAN which is NOT configured to do. When I logged into an account outside of my LAN and tried that, it worked.

    Thanks VVX and guys.
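
Added example (not part of the thread and not Shorewall code): a small Python model of how the REDIRECT lines quoted above are read, showing why the first rule never matched port 443 and why the working rule does not match a test from the LAN. It assumes one port per column, a hard-coded service-name table, the zone name `loc` for the LAN as in the documentation example, and hypothetical function names.

```python
# Added example: models rule matching only; it does not talk to Shorewall.
SERVICES = {"www": 80, "https": 443, "ssh": 22}   # assumed service-name table

def _port(tok):
    return SERVICES.get(tok) or int(tok)

def parse_redirect(line):
    """Return a dict for a REDIRECT rule line, or None for any other line."""
    f = line.split("#", 1)[0].split()
    if not f or f[0] != "REDIRECT":
        return None
    f += ["-"] * (7 - len(f))            # pad omitted trailing columns
    _, source, dest, proto, dports, _sports, orig = f[:7]
    return {
        "source": source,                # zone the connection arrives from
        "local_port": _port(dest),       # DEST: port on the firewall itself
        "proto": proto,
        "dport": _port(dports),          # DEST PORT(S): port the client dialed
        "orig_dest": None if orig == "-" else orig,
    }

def redirect_target(rule, zone, proto, dport, dest_ip="0.0.0.0"):
    """Local port the connection is redirected to, or None if no match."""
    if rule is None:
        return None
    if (zone, proto, dport) != (rule["source"], rule["proto"], rule["dport"]):
        return None
    od = rule["orig_dest"]
    if od and od.startswith("!") and dest_ip == od[1:]:
        return None                      # excluded original destination
    if od and not od.startswith("!") and dest_ip != od:
        return None
    return rule["local_port"]

# Rules exactly as quoted in the thread
FIRST_TRY = "REDIRECT net 443 tcp 22 -"
WORKING = "REDIRECT net 22 tcp 443"
DOC_EXAMPLE = "REDIRECT loc 3128 tcp www - !206.124.146.177"

if __name__ == "__main__":
    for name, line in [("first try", FIRST_TRY), ("working", WORKING)]:
        rule = parse_redirect(line)
        for zone in ("net", "loc"):
            print(name, zone, "443 ->", redirect_target(rule, zone, "tcp", 443))
```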
