Thread: Why not tell people how to portforward?
View Single Post
  #1 (permalink)  
Old April 11th, 2001
Mr.Smith Mr.Smith is offline
Novicius
  
Join Date: April 10th, 2001
Posts: 3
Mr.Smith is flying high
Post Why not tell people how to portforward?
Hi

I know, mostly because then those on whose Systems it doesnt work start getting on your nerves rather those of others. But why not give an example and tell them not to use it if it doesnt work or to get on the nerves of someone else? That you wont answer questions regarding the forwarding at all?

Because in 90 percent of all cases the example just works! Why force everyone to teach himself ipmasqadm and ipchains, to read through tons of docs??

Anyway, here would be mine, i am no expert on this but i think that it should work for most people:

in ip-up:

IPADDR=$4;
ZEIT=$( date '+%k:%M %d/%m/%Y' )
echo $ZEIT $IPADDR >> /var/log/routerip.log
recode lat1..ibmpc < /var/log/routerip.log > /share/ipaddressedesrouters.txt

# GNUtella-Ports an Host im LAN forwarden
/usr/sbin/ipmasqadm portfw -f
/usr/sbin/ipmasqadm portfw -a -P tcp -L $IPADDR 6346 -R 192.168.1.666 6346

This also forwards the IP of the Firewall into a txtfile (converts this into ibmpc-format first)into a file on the sambasharefolder, so i can enter it manually into bearshare.

ip-down:

ZEIT=$( date '+%k:%M %d/%m/%Y' )
TEXT="Verbindung getrennt!"
echo $ZEIT $TEXT >> /var/log/routerip.log
recode lat1..ibmpc < /var/log/routerip.log > /share/ipaddressedesrouters.txt
/usr/sbin/ipmasqadm portfw -f

This deletes the portforwarding at the moment the connection of the firewall goes down. And updates my ipaddressedesrouters.txt.

I think it now should be easier to figure out what to do if you look at these examples than when you have to start from nothing, just knowing that you have to forward some "ports" to your machine on the LAN.

BTW: other hosts on your LAN than 192.168.1.666 shouldnt do automatic connections to hosts, but manually connect to 192.168.1.666 and only connect to this machine. I havent tried this yet as i dont have more GNUtellahosts on this LAN but i think it should work.

The 192.168.1.666 of course isnt a valid ip. You have to replace it with the ip of your primary Gnutella host on your LAN

You have to tell (in my case) bearshare that its real ip is the ip of the gateway. this isnt easy, but there are websites that discover your external ip, if you cant use such a simple script like mine up there to find it out yourself.

You also shouldnt do this if you have other ports forwarded with portfw, as the flush (portfw -f) entries in ip-up and ip-down would erase other settings to portfw previously made, but i guess if you have set up portfw already on your firewall you know what to do anyway

For me this Config runs very well, i have incoming connections accepted and down- and uploads work just fine.

So, now tell me what you think. Give me other reasons why not to give examples like this or why you think i immediately should change my configuration if you have a better one.

cu

Mr.Smith
Reply With Quote