Linuxathome.net

Linux news and help for home broadband internet users
It is currently Fri Mar 29, 2024 12:16 am

All times are UTC + 10 hours [ DST ]




Post new topic Reply to topic  [ 3 posts ] 
Author Message
 Post subject: Translation
PostPosted: Tue Sep 17, 2002 12:15 am 
Offline
Newbie

Joined: Sat Jun 29, 2002 7:42 pm
Posts: 19
Location: Melbourne
Could someone please explain the following code as simply as possible, i'm going to try to interpert it so that i can get it working on my OpenBSD firewall.

Thanks.

Code:

EXT_IF="eth0"
INT_IF="eth1"
INT_LAN="192.168.0.0/24"

# This is the line that extracts the ip:
EXT_IP=$(ifconfig $EXT_IF | grep inet | sed s'/.*addr:\([0-9\.]*\)\ .*/\1/')

# Allow DC++ connections to firewall

ipchains -A input -j ACCEPT -s 0/0 -d $EXT_IP 1412 -p tcp -i $EXT_IF
ipchains -A input -j ACCEPT -s 0/0 -d $EXT_IP 1412 -p udp -i $EXT_IF

# Forward DC++ connections

ipmasqadm portfw -a -P tcp -L $EXT_IP 1412 -R $YOUR_IP 1412
ipmasqadm portfw -a -P udp -L $EXT_IP 1412 -R $YOUR_IP 1412

_________________
Neo: "Are you saying I can comment my code? "

Morpheous: "No Neo. What I am saying is...when the time comes - You won't need to. Do you really believe the variables and syntax around you is real, Neo?'"


Top
 Profile  
Reply with quote  
 Post subject: Re: Translation
PostPosted: Tue Sep 17, 2002 3:31 pm 
Offline
Admin

Joined: Sun Jun 23, 2002 9:20 pm
Posts: 187
Location: Interweb - Sydney
Code:
EXT_IF="eth0"
INT_IF="eth1"
INT_LAN="192.168.0.0/24"

This is just variable settings, setting up the internal and extranal interface names and the last line is just a variable that says a subnet mask 255.255.255.0 which means a full class C subnet can be used (i.e. 254 computers on the network).

Code:
# This is the line that extracts the ip:
EXT_IP=$(ifconfig $EXT_IF | grep inet | sed s'/.*addr:\([0-9\.]*\)\ .*/\1/')

This is just trying to find out the current EXTENAL IP addres (i.e. your WAN address), really only necessary for DYNAMIC IP setups.

Code:
# Allow DC++ connections to firewall
ipchains -A input -j ACCEPT -s 0/0 -d $EXT_IP 1412 -p tcp -i $EXT_IF
ipchains -A input -j ACCEPT -s 0/0 -d $EXT_IP 1412 -p udp -i $EXT_IF

This is just opening the port 1412 for TCP and UDP traffic so that the firewall is not blocking it anymore.

Code:
# Forward DC++ connections
ipmasqadm portfw -a -P tcp -L $EXT_IP 1412 -R $YOUR_IP 1412
ipmasqadm portfw -a -P udp -L $EXT_IP 1412 -R $YOUR_IP 1412

This is then forwarding the TCP and UDP traffic on port 1412 to the LAN machine with IP address $YOUR_IP which would be of the form 192.162.0.X.

That help?

_________________
"Backups are for wimps. Real men upload their data to an FTP site and have everyone else mirror it."
Administrator, Editor, Technical
http://www.linuxathome.net


Top
 Profile  
Reply with quote  
 Post subject:
PostPosted: Tue Sep 17, 2002 5:57 pm 
Offline
Newbie

Joined: Sat Jun 29, 2002 7:42 pm
Posts: 19
Location: Melbourne
Yeah a little bit, I am trying to get DC++ to work in active mode behind my firewall.
I found that code on one of their fourms so i thought that i might be able to translate it so that i can use it on OpenBSD.

so for this is what i have for my rules.

nat.conf
Code:
rdr on $INT proto tcp from $LAN to any port 1412 -> 192.168.0.3 port 1412

rdr on $INT proto udp from $LAN to any port 1412 -> 192.168.0.3 port 1412



pf.conf
Code:
pass in on $EXT inet proto tcp from any to $EXT port 1412 keep state
pass in on $EXT inet proto udp from any to $EXT port 1412 keep state


But it doesn't seem to be working, i test it by doing a search form something and it doesn't show any search results, but when it is in passive mode it shows plently of results.

Has anyone else had any luck with it?

Thanks

_________________
Neo: "Are you saying I can comment my code? "

Morpheous: "No Neo. What I am saying is...when the time comes - You won't need to. Do you really believe the variables and syntax around you is real, Neo?'"


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 

All times are UTC + 10 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group