Carl Johnson on 24 Jan 2011 08:01:59 -0800


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Firewall question

it looks like by doing that you're taking the same data from the same single interface and sending it to two places. i think he wants his ipcop to handle two external ip's and treat them as seperate entities??

it seems as though IPcop CAN do this in stock form (been a while since i used IPcop). there's some caveats though....
http://www.ipcops.com/phpbb3/viewtopic.php?f=15&t=10494

On Mon, Jan 24, 2011 at 10:45 AM, David Coulson <david@davidcoulson.net> wrote:
You should be able to do this without multiple interfaces - My Linux-based Astaro firewall can do it.

All you are trying to do is a pair of NAT rules which look like this:

x.x.x.x -> extip:21 -> 10.1.1.x:21
0.0.0.0/0 -> extip:21 -> 10.1.1.y:21

Should be easy to do. I am surprised IPCop can't do it.

David

On 1/24/2011 10:42 AM, Carl Johnson wrote:
firewalls CAN do it, IF there's support for multiple untrusted/external/WAN/red interfaces. i don't believe a stock IPcop does this on red.

On Mon, Jan 24, 2011 at 9:57 AM, Julien Mills <julienfmills@yahoo.com> wrote:
Hi all,

I'm just trying to configure my IPCOP firewall.  It won't let
me do what I'd like to do.

I'm setting up the port forwarding.  I want ftp from certain
external ip's to go to a one machine.  And ftp coming from
other external ip's to go to a different machine. 

It won't let me do this.  When I go to add the second rule it
claims that ports 20-21 are in use.

Now, my question is this, is this just something that IPCOP won't
do?  Or is it that all firewalls won't do it either?  And I'll have to
use some different incoming port to do what I want to do?

Or does someone have some other idea on this?

Thanks,

Julien

------------------------------------------------------
Julien Mills julienfmills@yahoo.com


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug



___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug


___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug