www.fli4l.de

fli4l_FAQ's

Allgemeine Fragen
...zu DSL
Funktions-FAQ
Problem-FAQ
Portforwarding

...Beispieldatei

Für die nicht ganz englischfesten oder nicht Doku-lesenden fli4l User die
Config.txt auf deutsch.




Diese portfw.sh ist nur bis fli4l Version 2.0 gültig.
Bei alle Versionen danach bitte dieses Beispielscript verwenden.

#! /bin/sh
#------------------------------------------------------------------------------
# /usr/local/bin/portfw.sh - ip port forwarding
#------------------------------------------------------------------------------
# ATTENTION ATTENTION ATTENTION ATTENTION ATTENTION ATTENTION ATTENTION
#                  NEW ARGUMENTS, SEE BELOW !!!
# ATTENTION ATTENTION ATTENTION ATTENTION ATTENTION ATTENTION ATTENTION
#------------------------------------------------------------------------------
# Called by /etc/ppp/ip-up or ip-down everytime a new connection will
# be established or will be shutdown
#
# Either ipportfw or ipautofw can be used
#------------------------------------------------------------------------------
# Usage of portfw (NEW):
#
# add entry:
#   ipmasqadm portfw -a -P PROTO -L LADDR LPORT -R HIDDENHOST RPORT [-p PREF]
# delete entry:
#   ipmasqadm portfw -d -P PROTO -L LADDR LPORT [-R HIDDENHOST RPORT]
# clear table:
#   ipmasqadm portfw -f
# list table:
#   ipmasqadm portfw -l
# no names:
#   ipmasqadm portfw <args> -n
#
#   PROTO       protocol, can be "tcp" or "udp"
#   LADDR       local interface receiving packets to be forwarded
#   LPORT       port being redirected
#   HIDDENHOST  ip address of your lan computer using the application
#   RPORT       the port being redirected to
#   PREF        preference level (load balancing, default=10)
#------------------------------------------------------------------------------
# Usage of autofw (NEW):
#
# add entry:
#   ipmasqadm autofw -A -r PROTO LOW HIGH [-h HIDDENHOST] [-c ctltype ctlport]
# clear table (flush):
#   ipmasqadm autofw -F
#
#   PROTO       protocol, can be "tcp" or "udp"
#   LOW         lowest port of range
#   HIGH        highest port of range
#   HIDDENHOST  ip address of your lan computer using the application
#------------------------------------------------------------------------------
# Here you will find hints to get your application run:
#
#                      http://www.tsmservices.com/masq/
#------------------------------------------------------------------------------
# NEW:
# This script will be called now with two arguments:
#    $1  state    "up" or "down"  default route is up
#    $2  ip       x.x.x.x         ip address of your wan interface, eg. isdn
#------------------------------------------------------------------------------
# Creation:     08.09.2000  fm
# Last Update:  05.11.2000  fm
#------------------------------------------------------------------------------

state=$1                                        # "up" or "down"
ip=$2                                           # ip address of wan interface

#------------------------------------------------------------------------------
# Define your PCs to forward ports to:
#------------------------------------------------------------------------------
hiddenhost1=192.168.6.2                         # ip of PC in LAN: change here!
hiddenhost2=192.168.6.3                         # ip of PC in LAN: change here!
hiddenhost3=192.168.6.4                         # ip of PC in LAN: change here!
hiddenhost4=192.168.6.5                         # ip of PC in LAN: change here!

if [ "$state" = "down" ]                        # state is down ...
then
    echo "shutting down port forwarding ..."
else
    echo "initializing port forwarding ..."
fi

/usr/sbin/ipmasqadm portfw -f                   # ipportfw: clear old tables
/usr/sbin/ipmasqadm autofw -F                   # ipautofw: flush old tables

if [ "$state" = "down" ]                        # state is down: exit here
then
    exit 0
fi

#------------------------------------------------------------------------------
# example for ftp (internal ftp server, access from outside):
#
# Don't forget to correct the firewall ports in config.txt, see FW_N_PORTS
# and FW_PORT_x
#
# and to enable the ftp-Masquerading module in config.txt:
#   MASQ_MODULE_1='ftp'                         # masquerading module: ftp
#------------------------------------------------------------------------------
#/usr/sbin/ipmasqadm autofw -A -v -r tcp 21 21 -h $hiddenhost1

#------------------------------------------------------------------------------
# example for http (internal http server, access from outside):
#
# Don't forget to correct the firewall ports in config.txt, see FW_N_PORTS
# and FW_PORT_x
#------------------------------------------------------------------------------
#/usr/sbin/ipmasqadm autofw -A -v -r tcp 80 80 -h $hiddenhost1

#------------------------------------------------------------------------------
# roger wilco by basti
#------------------------------------------------------------------------------
/usr/sbin/ipmasqadm autofw -A -v -r tcp  3782  3782 -h $hiddenhost1
/usr/sbin/ipmasqadm autofw -A -v -r udp  3782  3782 -h $hiddenhost1

#------------------------------------------------------------------------------
# counter-strike-server by basti
#------------------------------------------------------------------------------
/usr/sbin/ipmasqadm autofw -A -v -r udp  27015  27015 -h $hiddenhost1
/usr/sbin/ipmasqadm autofw -A -v -r tcp  27015  27015 -h $hiddenhost1


#------------------------------------------------------------------------------
# icq by basti (5 ports pro Client reichen zum Dateiaustausch, ICQ-Phone
# etc. aus !!!)
#
# Ich denke, dass aus Sicherheitsaspekten nur sowenige ports wie möglich
# geforwardet werden sollten.
#------------------------------------------------------------------------------
/usr/sbin/ipmasqadm autofw -A -v -r tcp  5010  5014 -h $hiddenhost2
/usr/sbin/ipmasqadm autofw -A -v -r tcp  5015  5019 -h $hiddenhost3
/usr/sbin/ipmasqadm autofw -A -v -r tcp  5020  5024 -h $hiddenhost4

#------------------------------------------------------------------------------
# example for VNC
# xx = Displaynummer
#------------------------------------------------------------------------------
#/usr/sbin/ipmasqadm autofw -A -v -r tcp  58XX 58XX  -h $hiddenhost1 #VNC
#/usr/sbin/ipmasqadm autofw -A -v -r tcp  59XX 59XX  -h $hiddenhost1 #Web
#/usr/sbin/ipmasqadm autofw -A -v -r tcp  5500 5500  -h $hiddenhost1 #Viewer


#------------------------------------------------------------------------------
# example for Battlecom (using ipautofw):
#------------------------------------------------------------------------------
#/usr/sbin/ipmasqadm autofw -A -v -r udp  2300  2400 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r tcp  2300  2400 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r tcp 47624 47624 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r udp 47624 47624 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r udp 28800 28900 -h $hiddenhost1

#------------------------------------------------------------------------------
# example for DIABLO II (using ipautofw):
#------------------------------------------------------------------------------
#/usr/sbin/ipmasqadm autofw -A -v -r tcp   116  116 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r tcp   118  118 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r tcp  4000 4000 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r udp  6112 6112 -h $hiddenhost1

#------------------------------------------------------------------------------
# example for Siedler III (using ipautofw):
#------------------------------------------------------------------------------
#/usr/sbin/ipmasqadm autofw -A -v -r udp  2300  2400 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r tcp  2300  2400 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r udp  3346  3400 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r udp 28800 28900 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r udp 47624 47624 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r tcp 47624 47624 -h $hiddenhost1

#------------------------------------------------------------------------------
# example for IRC  (using ipautofw):
#------------------------------------------------------------------------------
#/usr/sbin/ipmasqadm autofw -A -v -r tcp  113   113 -h $hiddenhost1 #IDENTD(irc)
#/usr/sbin/ipmasqadm autofw -A -v -r tcp  2112  2114 -h $hiddenhost1 #DCC (irc)

#------------------------------------------------------------------------------
# example for UT (UNREAL TOURNAMENT) Server only
#------------------------------------------------------------------------------
#/usr/sbin/ipmasqadm autofw -A -v -r udp   7777   7779 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r udp  27900  27900 -h $hiddenhost1

#------------------------------------------------------------------------------
# example for QUAKE Server only
#------------------------------------------------------------------------------
#/usr/sbin/ipmasqadm autofw -A -v -r udp  27960  27960 -h $hiddenhost1

#------------------------------------------------------------------------------
# example for Napster:
# forward napster connections to 4 different intern PCs:
#
# PLEASE READ
#    http://www.linuxdoc.org/HOWTO/mini/IPMasquerading+Napster-4.html
#------------------------------------------------------------------------------
#nap1=6702                                           # napster port of PC 1
#nap2=6703                                           # napster port of PC 2
#nap3=6704                                           # napster port of PC 3
#nap4=6705                                           # napster port of PC 4
#/usr/sbin/ipmasqadm portfw -a -P tcp -L $ip $nap1 -R $hiddenhost1 $nap1
#/usr/sbin/ipmasqadm portfw -a -P tcp -L $ip $nap2 -R $hiddenhost2 $nap2
#/usr/sbin/ipmasqadm portfw -a -P tcp -L $ip $nap3 -R $hiddenhost3 $nap3
#/usr/sbin/ipmasqadm portfw -a -P tcp -L $ip $nap4 -R $hiddenhost4 $nap4

#------------------------------------------------------------------------------
# example for GameVoice(TM) Software (Server 'N Client): (by Detlef Hoppe )
#------------------------------------------------------------------------------
#/usr/sbin/ipmasqadm autofw -A -v -r udp  9110 9110 -h $hiddenhost1

#------------------------------------------------------------------------------
# example for Ivisit: (by Detlef Hoppe )
#------------------------------------------------------------------------------
#/usr/sbin/ipmasqadm autofw -A -v -r udp  9943 9943 -h $hiddenhost1
#/usr/sbin/ipmasqadm autofw -A -v -r udp  56768 56768 -h $hiddenhost1
#------------------------------------------------------------------------------

#------------------------------------------------------------------------------
# END
#------------------------------------------------------------------------------
echo 'done'                        # END
nach oben

Wenn nicht anders angegeben, wurden diese Seiten von StPeiser erstellt