[Shorewall-users] port forward from local net to local machine

eric.taillon@mks.net eric.taillon@mks.net
Fri, 26 Apr 2002 12:07:07 -0400

I found how to do but the only problem is that all connection seems to come
from the firewall itself.
In our setup, we don't care about the ip of the source because  we are
using user/password authentification.

It's not exactly like FAQ #2 but this one gave me a hint... Thanks Tom!

Here is what I did to make it work:

local network:
IP of proxy:
IP of firewall:

ACCEPT  loc:!  loc:  tcp  http  -


                                                       To:     "eric.taillon@mks.net" <eric.taillon@mks.net>                     
                                                       cc:     Shorewall Users <shorewall-users@shorewall.net>                   
                                                       Subject:     Re: [Shorewall-users] port forward from local net to local   
                     From:Tom Eastep                                                                                             
                on 26/04/2002 07:32 AM MST                                                                                       

On Fri, 26 Apr 2002, eric.taillon@mks.net wrote:

> Hum!!!
> This mean that on the proxy side all connection will look like they were
> coming from the firewall?
> I think the software is using a user/password  identification model so
> probably not important.
> Actually I have not tested this part.
> I'm just testing if the port redirection is working doing a telnet to
> 80.
> I'm supposed to get html headers and actually the telnet doesn't even
> connect.
> Any idea?

Sure -- this is the problem described in FAQ #2. I'm just wondering if the
same solution works for proxies.

Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net

Shorewall-users mailing list