The tool that you want to use is ipmasqadm. Their are various modules that are loded and configured with this tool. To do port forwarding to an inside address you would do something like this: ipmasqadm portfw -a -P tcp -L 255.255.255.255 80 -R 192.168.x.x 80 Where 255.255.255.255 is the ip of your outside interface, the number after the ip is the incoming port, and the 192.169.x.x is the internal address of the computer you want to forward to, the number after the ip is the port you want to direct to on the inside machine. You can do a ipmasqadm portfw with no options and it tells you what to put in. One thing your kernel has to have support for this, and the modules have to be compiled, most firewall solutions will do this, but I have no idea about plonk, never used it. -- Bret Baptist Systems and Technical Support Specialist bbaptist at iexposure.com Internet Exposure, Inc. http://www.iexposure.com (612)676-1946 Web Development-Web Marketing-ISP Services On Monday 10 September 2001 03:13 pm, you wrote: > Is there a better tool for what I want to do? I simply want to get internet > by going through the Linux box with my Windows workstations, forward FTP, > and WWW to private addresses on the LAN, and access my Windows workstation > from out side the network using Timbuktu, which uses udp 407,1417-1420. I > am using 192.168.x.x IP's. > > Second application I would like to do is: Set up a Redhat box at my church > as a gateway to the Internet. The difference is, it has an ISDN dial up > connection to a Netgear ISDN modem. Currently we are using winroute for > this, but it causes problems for us. > > > Thanks for your help > > Raymond > > > > ----- Original Message ----- > From: Andy Zbikowski (Zibby) <zibby+tclug at ringworld.org> > To: <tclug-list at mn-linux.org> > Sent: Monday, September 10, 2001 10:46 AM > Subject: Re: [TCLUG] plonk ipchain firewall > > > For 2.2 kernels you'll have to look into ipfwadm...I think. I really > > don't remember how to forward stuff in 2.2 kernels. > > > > With 2.4 kernels it's really easy: > > $IPTABLES -A PREROUTING -t nat -p tcp --dport 1012 -i eth0 -j DNAT --to > > 192.168.1.12:22 > > > > But tools like plonk aren't quite ready for iptables yet. > > > > Andrew S. Zbikowski | http://www.ringworld.org > > "We can learn much more from wise words, little > > from wisecracks and less from wise guys." > > --William Arthur Ward > > > > > > _______________________________________________ > > tclug-list mailing list > > tclug-list at mn-linux.org > > https://mailman.mn-linux.org/mailman/listinfo/tclug-list > > _______________________________________________ > tclug-list mailing list > tclug-list at mn-linux.org > https://mailman.mn-linux.org/mailman/listinfo/tclug-list