[NTLUG:Discuss] Firewall Forwarding Question
Kenneth Loafman
ken at lt.com
Wed Feb 19 13:02:56 CST 2003
Anyone have an answer for this? I'm really curious how to get iptables
forwarding to work properly.
...Thanks,
...Kenneth
Kenneth Loafman wrote:
> OK, what I'm trying to do is this... two systems, A & B, sit outside the
> firewall and I want to route syslog (port 514) from them through the
> firewall to another machine, C, which will collect the logs from all
> three machines and retain them for a long time.
>
> What I have now is A&B both remote logging to FW, where FW's syslog is
> started with "-r -h" to forward the logs to C, which is started with
> just the "-r" option. This works.
>
> A ---> FW <--- B
>        |
>        |
>        v
>        C
>
> What I want is a more direct, more hacker-proof system, that uses port
> forwarding to forward port 514 directly through FW to C. This way, even
> if a hacker turns off syslogd on FW, A & B will still get logged on C.
> Also, I tried, and failed, to get it to run that way, and I want to find
> out why. Here are the iptables commands I used. Got nothing thru.
>
> -A FORWARD -s A -i eth0 -d C -o eth1 -p udp -m udp --dport 514 -j ACCEPT
> -A FORWARD -s B -i eth0 -d C -o eth1 -p udp -m udp --dport 514 -j ACCEPT
>
> I've not used port forwarding before, so I may have missed something.
>
> Any ideas?
>
> ...Thanks,
> ...Kenneth
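Added example, not part of the original post: FORWARD rules only filter packets that are already being routed; when senders address the firewall itself, the destination rewrite happens in the nat table's PREROUTING chain. The sketch below assumes A and B send syslog to FW's outside address, reuses the post's eth0/eth1 interfaces, and uses constructed placeholder IP addresses; the function name is hypothetical.

```shell
#!/bin/sh
# Emit an iptables-restore ruleset that port-forwards syslog (UDP 514)
# arriving on the firewall's outside interface to the collector C.
# Assumptions (not from the post): senders target FW's outside address;
# eth0 is outside and eth1 is inside, as in the post's FORWARD rules.

# usage: syslog_forward_rules COLLECTOR_IP SENDER_IP...
syslog_forward_rules() {
    # Need the collector plus at least one sender.
    [ "$#" -ge 2 ] || return 1
    collector=$1
    shift

    # nat table: rewrite the destination before the routing decision, so
    # the packet is routed on to C instead of being delivered to FW.
    echo '*nat'
    for src in "$@"; do
        echo "-A PREROUTING -s $src -i eth0 -p udp -m udp --dport 514 -j DNAT --to-destination $collector:514"
    done
    echo 'COMMIT'

    # filter table: FORWARD sees the packet after DNAT, so -d is already C.
    # Limiting -s to the known senders keeps the hole as narrow as possible.
    echo '*filter'
    for src in "$@"; do
        echo "-A FORWARD -s $src -i eth0 -d $collector -o eth1 -p udp -m udp --dport 514 -j ACCEPT"
    done
    echo 'COMMIT'
}

# Constructed sample addresses: C=10.0.0.5, A=192.0.2.10, B=192.0.2.11.
# This only prints the ruleset; nothing is applied to the running firewall.
syslog_forward_rules 10.0.0.5 192.0.2.10 192.0.2.11
```

To apply it, pipe the output to `iptables-restore --noflush` as root and make sure `net.ipv4.ip_forward` is set to 1. If A and B instead address C directly and FW is only their router, the DNAT rules are unnecessary.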