IP Masquerade allows its clients to reach the internet, but only one address is associated with the entire network. Outside hosts therefore cannot communicate directly with any of the clients to reach services inside. Suppose you have a web server on an NT machine to run those cool Active Server Pages. What is needed is a program that listens on a port and redirects that traffic to the NT box. There are most likely several ways to do this. I have used a program called 'redir' to test this problem out. This program can be found at Sunsite or in the RedHat contrib directory.
redir has the following syntax:
/usr/sbin/redir [options] [remote-host] listen_port connect_port
listen_port is the port the outside will connect to. See a list of ports and services in /etc/services.
Here is an example that will redirect an HTTP request to the inside machine. (Do not run a web server on port 80 of the Linux host if this other one is to be the 'real' web server.)
/usr/sbin/redir 192.168.1.2 80 80
This can be run either from the command line or in /etc/rc.d/rc.local.