
Re: rinetd fails to compile



Well, in my case this would mean 
rdr xl0 1.2.3.4/32 port 110 -> 1.2.3.5 port 110

I tested the following on one of my hosts before heading for rinetd:

created an /etc/ipnat.rules with
rdr xl0 10.1.1.2/32 port 23 -> 10.1.1.20 port 23
# 10.1.1.2 is the local address, no telnetd listening here
# 10.1.1.20 is the remote having a telnetd listening

set ip forwarding with
sysctl -w net.inet.ip.forwarding=1
init ipf and ipnat
ipf -Fa -vf /etc/ipf.rules E
ipnat -CF -f /etc/ipnat.rules

after that I think 10.1.1.2 should forward telnet to 10.1.1.20 but it
doesn't, which makes me believe that ipnat needs 2 interfaces to work.

Am I doing something completely wrong or is this assumption correct that
NAT needs 2 interfaces ?

Thanks for your help so far,
Christoph



Tony Sarendal wrote:
> 
> On Wed, Jan 03, 2001 at 02:53:30PM +0100, Christoph Schneeberger wrote:
> > Tony,
> >
> > As stated in my previous reply, I think there's no way to accomplish
> > this with ipnat / ipf.
> > On the other hand, a general port redirector / relay is a fine tool to
> > have for tests and stuff.
> > But to make it clear, NOT on a firewall - there ipnat IS the choice, I
> > agree totally with that.
> 
> Maybe I haven't understood what you are trying to do.
> At the rinetd page it says:
>         Redirects TCP connections from one IP address and port to another.
> 
> which is also doable with ipnat, but without translating the client address.
> 
> In /etc/ipnat.rules:
>         rdr fxp0 1.2.3.4/32 port 80 -> 192.168.3.9 port 8002
> 
> I feel like I'm missing something.
> 
> /T
> 
> >
> > Cheers,
> > Christoph
> >
> > Tony Sarendal wrote:
> > >
> > > On Wed, Jan 03, 2001 at 11:59:29AM +0100, Christoph Schneeberger wrote:
> > >
> > > Hi Christoph.
> > >
> > > I had a quick look at the code, and I have a question.
> > > What is your reason for using rinetd instead of
> > > ipf+ipnat which is already in OpenBSD ?
> > >
> > > With ipnat your server will also be able to see
> > > the client's real IP-address.
> > >
> > > Porting it doesn't look like too much work,
> > > but I just don't see the point of doing it.
> > >
> > > /Tony S
> > >
> > > > Hi,
> > > >
> > > > I am desperately trying to get the latest rinetd
> > > > (http://www.boutell.com/rinetd) running on 2.8.
> > > >
> > > > After unpacking the src into a temp directory I issue a "make" and
> > > > always get the following error:
> > > >
> > > > --
> > > > <tron:/root/tmp/rinetd>#make
> > > > cc -DLINUX -g  -c rinetd.c
> > > > rinetd.c:13: getopt.h: No such file or directory
> > > > *** Error code 1
> > > >
> > > > Stop in /root/tmp/rinetd.
> > > > <tron:/root/tmp/rinetd>#
> > > > --
> > > >
> > > > <lamer_question_ahead>
> > > > Is this something easy to get fixed or is it a real big porting issue ?
> > > > How about getting rinetd into the ports tree ? (Yes I would help
> > > > wherever I can, which is probably a bit very limited by my skills ;-))
> > > >
> > > > Thanks for your time and may the Blowfish be with you.
> > > >
> > > > Christoph Schneeberger
> > >
> > > --
> > > ------------------------------------------
> > > Tony Sarendal
> > > Network and Systems Engineer
> > >
> > > Eplay AB - http://www.eplay.se
> 
> --
> ------------------------------------------
> Tony Sarendal
> Network and Systems Engineer
> 
> Eplay AB - http://www.eplay.se