Wednesday, January 9, 2013

ipcop port forwarding

From various sources:

IPCop 2.0.1 port forwarding might not work:

From Brandon Cherry

Hello, I have been using IPCop since the 1.3 days though I have never 
had a need to post to this list before. I recently upgraded to the 2.0.6 
version of IPCop. I put the box into production after everything checked 

The other day I had to add a new port forward with a new alias. I know 
one of the new things in this version is the ability to name the aliases 
which I did not originally use. Adding the alias went fine. It was when 
I tried to forward ports using the new alias that I encountered a problem.

I noticed that not all of my port forwards get applied to iptables, 
though it showed up under "Firewall Rules". I quickly restored a backup 
I had made before changing anything. I tried to replicate the situation 
in development and noticed the same behavior.

Basically what happens is, if you do not name your aliases, then IPCop 
will store Alias X (where X is a number) in the file 
/var/ipcop/firewall/config. If you name the alias, the name gets stored 
in that file. When you add an alias that might be in the middle of your 
IP range, then all of the port forwarding rules do not get applied to 
anything that has an alias number equal to or higher than the new alias. 
You end up with two aliases with the same number and the iptables rules 
do not get applied.

My temporary fix was to name all of my aliases. I apologize if I missed 
something, but I did searched around and didn't see anything reported on 
this issue. Can you duplicate this? Has anyone ran into this before?
-- Brandon Cherry
Access to network during bringup: from example about setting static routes
Executing: nano /etc/rc.d/rc.event.local
Then append this by copying and pasting into  rc.event.local:

     if [ ${1} == "network" -a ${2} == "up" ]; then

          /sbin/route add -net  netmask gw

Osmar Gonzalez

No comments:

Post a Comment