[Shorewall-users] Portforwarding didn't work
Thu, 24 Jan 2002 09:32:16 -0500
1521 Hmm.. That's the TNS listener 8.x on Oracle.
It won't work.
The way that Oracle works with the TNS listener, is a bit like a 2 tier
When SQL*NET establishes a connection to the remote host at port 1521,
the TNS listener will dispatch an oracle process on a random port, and
then returns a string to your SQL*NET that looks something in the line
of (HOST=<the ip of the oracle host and not the firewall> PORT=<the
of the oracle host>).
So, if you're on the public network (say, the internet) and your SQL*NET
received the message to connect to a non-routable IP. Well, unless you
have a VPN connection, you're going nowhere.
My suggestion: make a VPN connection, or use Oracle Connection Manager
for Linux (I never tried Oracle Connection Manager, but I know it exists
to bypass firewalls).
[mailto:email@example.com] On Behalf Of Tom Eastep
Sent: January 24, 2002 9:23 AM
To: firstname.lastname@example.org; email@example.com
Subject: Re: [Shorewall-users] Portforwarding didn't work
On Thursday 24 January 2002 02:20 am, firstname.lastname@example.org wrote:
> Hallo Tom
> sorry the line in the masq file is eth0     220.127.116.11/24
> and not eth1 as sent in the email before.
> In the nat file nothing is configured
Then your Shorewall setup appears correct, assuming that you want to
TCP ports 1521 and 1526 to system 18.104.22.168. I suggest that you
the traffic on both sides of the firewall with tcpdump or ethereal to
see what is going wrong.
Do you know for sure that the DB application works through NAT?
Tom Eastep \ A Firewall for Linux 2.4.*
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ email@example.com
Shorewall-users mailing list
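
Added example (not part of the original thread, and not Shorewall or Oracle code): a small check for the redirect string described above, as it would be read out of a tcpdump/ethereal capture. The sample descriptor, the addresses and the function names are constructed for illustration; the exact redirect layout on a given Oracle version is an assumption.

```python
import ipaddress
import re

# Constructed sample: text of a listener redirect as it might appear in a
# capture taken on the outside interface (addresses are made up).
SAMPLE_REDIRECT = "(ADDRESS=(PROTOCOL=tcp)(HOST=192.168.1.3)(PORT=1034))"

# Accepts both "(HOST=x)(PORT=y)" and the looser "(HOST=x PORT=y)" form.
_PAIR = re.compile(r"\b(HOST|PORT)\s*=\s*([^()\s]+)", re.IGNORECASE)


def parse_redirect(descriptor):
    """Return (host, port) from a HOST=/PORT= style redirect string."""
    fields = {k.upper(): v for k, v in _PAIR.findall(descriptor)}
    if "HOST" not in fields or "PORT" not in fields:
        raise ValueError("no HOST/PORT pair in descriptor")
    return fields["HOST"], int(fields["PORT"])


def check_redirect(descriptor, dialed_host, forwarded_ports):
    """List the reasons an outside client cannot follow the redirect.

    dialed_host     -- address the client connected to (the firewall's public IP)
    forwarded_ports -- ports the firewall forwards to the database server
    """
    host, port = parse_redirect(descriptor)
    problems = []
    if host != dialed_host:
        problems.append("redirect names %s, not the dialed address %s" % (host, dialed_host))
    try:
        if ipaddress.ip_address(host).is_private:
            problems.append("%s is a private address, unreachable from outside" % host)
    except ValueError:
        problems.append("%s is a hostname; the client must resolve and reach it" % host)
    if port not in forwarded_ports:
        problems.append("port %d is not among the forwarded ports" % port)
    return host, port, problems


if __name__ == "__main__":
    # 203.0.113.10 is a documentation address standing in for the firewall.
    for line in check_redirect(SAMPLE_REDIRECT, "203.0.113.10", {1521, 1526})[2]:
        print(line)
```

An empty problem list means the redirect points back at the dialed address on a forwarded port, which is the only case where plain port forwarding of 1521/1526 can carry the session.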