Difference between revisions of "Bright:Shorewall:port forwarding"
Jump to navigation
Jump to search
(Created page with "== Port Forwarding == There are no examples in the rules files, although there are descriptions in the comments at the top of the file. In order to forward a port to another...") |
|||
| Line 1: | Line 1: | ||
== Port Forwarding == | == Port Forwarding == | ||
| − | There are no examples in the rules files, although there are descriptions in the comments at the top of the file. | + | * Edit the file: /etc/shorewall/rules |
| + | * Make sure the system are forwarding ports to is directly connect to one of the interfaces and the defgw is set as the headnode on the client (for e.g. pxe deployed systems are on a separate network and will not work when forwarding traffic. | ||
| + | * There are no examples in the rules files, although there are descriptions in the comments at the top of the file. | ||
In order to forward a port to another external system we would use the DNAT option. | In order to forward a port to another external system we would use the DNAT option. | ||
| Line 9: | Line 11: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| − | The example above is used to forward incoming traffic on | + | The example above is used to forward incoming traffic on the external network using port 5090, to the system with IP 10.16.1.1 on port 8081. This is the rule that allows us to control the Boston Cluster from outside the lab. |
Latest revision as of 15:34, 14 September 2016
Port Forwarding
- Edit the file: /etc/shorewall/rules
- Make sure the system are forwarding ports to is directly connect to one of the interfaces and the defgw is set as the headnode on the client (for e.g. pxe deployed systems are on a separate network and will not work when forwarding traffic.
- There are no examples in the rules files, although there are descriptions in the comments at the top of the file.
In order to forward a port to another external system we would use the DNAT option.
DNAT net net:10.16.1.1:8081 tcp 5090The example above is used to forward incoming traffic on the external network using port 5090, to the system with IP 10.16.1.1 on port 8081. This is the rule that allows us to control the Boston Cluster from outside the lab.