expose internal network to the outside world

Walter Dnes waltdnes-SLHPyeZ9y/tg9hUCZPvPmw at public.gmane.org
Thu Sep 15 03:54:37 UTC 2005


On Wed, Sep 14, 2005 at 10:19:12PM -0400, Matt Price wrote

> 1. "DDNS" -- here I'm allowed to have 1 static local IP address
> designated as
> a "server" ; requests on ports 80,21,and 25 (http, ftp, smtp) are
> forwarded on to the "server".  I've tried this and it works fine for
> http at least (I get the standard debian default index page from my
> local machine).  But there seems to be no further flexibility.

  On my GVC BB076 I have the following page on the web interface.  Shock!
It actually works in text mode with links2.  It allows a separate
address for each forwarded port.  I could presumably run 12 machines
with a different port/service being forwarded to each one.  Are you
saying that only one address is allowed?  Do you have a menu similar to
the following...

                     Multi-Functional ADSL Router (R1.01c1)


--------------------------------------------------------------------------------Administrator's |                        Virtual Server
   Main Menu    |
                |  ID    Service Ports        Server IP       Enable Use Rule#
* Status        |   1     ____________    192.168.123. ____    [ ]      0_
* Wizard        |   2     ____________    192.168.123. ____    [ ]      0_
  + Basic       |   3     ____________    192.168.123. ____    [ ]      0_
  Setting       |   4     ____________    192.168.123. ____    [ ]      0_
  - Forwarding  |   5     ____________    192.168.123. ____    [ ]      0_
  Rules         |   6     ____________    192.168.123. ____    [ ]      0_
  Virtual Server|   7     ____________    192.168.123. ____    [ ]      0_
  Special AP    |   8     ____________    192.168.123. ____    [ ]      0_
  Miscellaneous |   9     ____________    192.168.123. ____    [ ]      0_
  + Security    |  10     ____________    192.168.123. ____    [ ]      0_
  Setting       |  11     ____________    192.168.123. ____    [ ]      0_
  + Advanced    |  12     ____________    192.168.123. ____    [ ]      0_
  Setting       |
  + Toolbox     |  Well known services [-- select one --]  [ Copy to ] ID [--]
  [ Log out ]   |              Schedule rule [(00)Always]
                |
                | [ Save ] [ Undo ] [ Help ]



> 2. "NAT".  This section comes with the following instructions:
> 
> *Special Applications*
> 
> Some applications require multiple connections, such as Internet gaming,
> video conferencing, Internet telephony and others. These applications
> cannot work when Network Address Translation (NAT) is enabled. If you
> need to run applications that require multiple connections, specify the
> port normally associated with an application in the "Trigger Port"
> field, select the protocol type as TCP or UDP, then enter the public
> ports associated with the trigger port to open them for inbound traffic.
> 
> Note: The range of the Trigger Ports is from 1 to 65535.
> 
> THen there's a table in which I can associate "trigger ports" with
> "public ports".  But I don't think I really understand what this is
> about, as thre seems to be no way to associate a particular local
> machine with a forwarded port.
> 
> 3. DMZ.  THis screen lets me associate a local IP address (192.168.2.x)
> with a public IP address.  But this isn't what I want, is it?  Because
> after all I only have one constantly-changing IP address available to
> me...
> 
> Anyway -- I feel a little bit stumped.  I wondered whether anyone else
> had ideas about what I should do, whether I'm out of luck, etc.
> 
> THanks much,
> 
> matt
> 
> 
> 
> --
> The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml

-- 
Walter Dnes <waltdnes-SLHPyeZ9y/tg9hUCZPvPmw at public.gmane.org>
My musings on technology and security at http://tech_sec.blog.ca
--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list