Login or Register to Ask a Question and Join Our Community


Solaris

Port/IP Forwarding in Solaris 10.0

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Solaris Port/IP Forwarding in Solaris 10.0
# 1  
Old 10-10-2009
Question Port/IP Forwarding in Solaris 10.0
Hi,

I am looking out a way to forward all UDP traffic coming on ports 3001,3002,3003 and 3004 on server 10.2.45.200
to
corresponding ports of server 10.2.45.197.

I am using Solaris 10.0.
Code:
-bash-3.00$ uname -a
SunOS airtelussd2 5.10 Generic_127127-11 sun4u sparc SUNW,Sun-Fire-V445

Is there someway out in Solaris to accomplish this ?
Last edited by vikas027; 10-14-2009 at 12:17 AM..
# 2  
Old 10-10-2009
I think you should use "ipnat", though I've never used it and don't know how to configure it. Man pages should help you with that:
ipnat(4) – IP NAT file format (man pages section 4: File Formats) - Sun Microsystems
ipnat(1M) – user interface to the NAT subsystem (man pages section 1M: System Administration Commands) - Sun Microsystems
# 3  
Old 10-11-2009
1st case - If you want to block any ports
#vi /etc/ipf/pfil.ap
and uncomment there the specific drivers you are interested in
#svcadm enable ipfilter
to enable and start the ipfilter service.
#autopush -f /etc/ipf/pfil.ap
For example,
You will find some examples of the ipf.conf configuration file in /usr/share/ipfilter/examples. Just copy one of them over /etc/ipf/ipf.conf to start playing around. A simpler demo is to add the one line (spaces between each word):
block in quick proto tcp from any to any port = 23
to the default empty /etc/ipf/ipf.conf and check that you firewall is running by trying to telnet to your machine from another one

2nd case, on your question on IP forwarding,
http://www.sun.com/bigadmin/content/...nt_ip_fwd.html
# 4  
Old 10-14-2009
Lightbulb
To accomplish my task, I have done this on 10.2.45.100:

In /etc/ipf/ipf.conf
Code:
pass in quick log proto udp from 75.126.76.41 port = 30118 to 10.2.45.197 port = 30118
pass in quick log proto udp from 75.126.76.41 port = 30119 to 10.2.45.197 port = 30119
pass in quick log proto udp from 75.126.76.41 port = 30120 to 10.2.45.197 port = 30120
pass in quick log proto udp from 75.126.76.41 port = 30121 to 10.2.45.197 port = 30121

In /etc/ipf/ipnat.conf
Code:
rdr bge1:1 75.126.76.41/8 port 30118 -> 10.2.45.197 port 30118 udp
rdr bge1:1 75.126.76.41/8 port 30119 -> 10.2.45.197 port 30119 udp
rdr bge1:1 75.126.76.41/8 port 30120 -> 10.2.45.197 port 30120 udp
rdr bge1:1 75.126.76.41/8 port 30121 -> 10.2.45.197 port 30121 udp

This is my ipfstat -io output.

Am I going the right way ? To apply changes in ipnat.conf, do we need a reboot.

Pls suggest a way forward.
# 5  
Old 10-14-2009
Quote:
Originally Posted by vikas027
To apply changes in ipnat.conf, do we need a reboot.
I think it can be done without reboot with that:

Code:
ipnat -C -f /etc/ipf/ipnat.conf

To check if rules got imported to NAT table use:

Code:
ipnat -l

# 6  
Old 10-15-2009
Data
Quote:
Originally Posted by bartus11
I think it can be done without reboot with that:
Thanks for reply. I am getting this error.

Code:
# ipnat -C -f /etc/ipf/ipnat.conf
0 entries flushed from NAT list
syntax error error at ":", line 1


Seems like it ipnat doesn't takes interface name with ":". However, this is working fine.
Code:
rdr bge1 75.126.76.41/8 port 30118 -> 10.2.45.197 port 30118 udp

# 7  
Old 10-18-2009
MySQL
Hi People,

Just an update. I have achieved this. Smilie

There is no need for ipf rules here.

We need to specify only ipnat rules in ipnat.conf.

ipnat.conf
Code:
rdr bge1 75.126.76.41/8 port 30118 -> 10.2.45.197 port 30118 udp
rdr bge1 75.126.76.41/8 port 30119 -> 10.2.45.197 port 30119 udp
rdr bge1 75.126.76.41/8 port 30120 -> 10.2.45.197 port 30120 udp
rdr bge1 75.126.76.41/8 port 30121 -> 10.2.45.197 port 30121 udp

NOTE: Ipnat rules does not work for virtual IPs.

Thanks to all.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Red Hat

iptables port forwarding

Hello All, I would like to ask you very kindly with /etc/sysconfig/iptables file I have to setup port forwarding on RHEL6 router. Users from public network must be able to ssh to servers in private network behind RHEL6 router. Problem is that servers in private network must be isolated. My... (2 Replies)
Discussion started by: oidipus
2 Replies

2. IP Networking

Port Forwarding not working

Hello Gurus, I have configured port forwarding at router. But after configuration I am not able to connect the computer from outside/Over internet/Remote desktp from other computer. Could you please advice? Thanks- Pokhraj (2 Replies)
Discussion started by: pokhraj_d
2 Replies

3. UNIX for Advanced & Expert Users

Help on port forwarding please..

Hi experts, We have windows machine ( A ) in one network & 2 Linux Servers ( B & C ) in another network. There is a firewall between these 2 networks and SSH (TCP/22) & HTTPS (TCP/443) are allowed from A to B only (but not to C). There is no personal firewall / iptables running on any machine.... (1 Reply)
Discussion started by: magnus29
1 Replies

4. UNIX for Advanced & Expert Users

Iptable and port forwarding

Hello, I have a routeur linksys (192.168.1.1 ) a firewall (192.168.1.55 IN ----> 192.168.2.254 OUT) which using iptable I want to acces to an equipment (lorex video camera serveur 192.168.2.44) which using an ddns service on the port 9000 So i don t know which redirection a will do on the... (2 Replies)
Discussion started by: tapharule
2 Replies

5. IP Networking

SSH Port Forwarding - sharing the same port

Hi Linux/Unix Guru, I am setting Linux Hopping Station to another different servers. My current config to connect to another servers is using different port to connect. e.g ssh -D 1080 -p 22 username@server1.com ssh -D 1081 -p 22 username@server2.com Now what I would like to have... (3 Replies)
Discussion started by: regmaster
3 Replies

6. Solaris

ip and port forwarding in Solaris 10

Hi; I have the following issue: I have a Solaris server running an old applications which connects to an http server in other server at certain port. The thing is that the http server has changed its ip and port and the addres in the app is hard coded and touching the app by now is out of the... (0 Replies)
Discussion started by: ppereira
0 Replies

7. UNIX for Advanced & Expert Users

Port forwarding

Hi I want to set up port forwarding from one network to another network. I already have this configured on the Linux box using iptables. iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 1521 -j DNAT --to 10.218.146.230 iptables -A FORWARD -p tcp -i eth1 -d 10.218.146.230 -j ACCEPT ... (2 Replies)
Discussion started by: slash_blog
2 Replies

8. AIX

Port/ IP Forwarding AIX5.3

Hi friends i have the following setup machine1 two network adapters one connected to lan the other connected directly to machine2 machine2 is not connected to lan i need to access machine2 directly from the LAN how to force machine1 to forward all traffic received on a specific port the... (1 Reply)
Discussion started by: Husam
1 Replies

9. UNIX for Advanced & Expert Users

port forwarding

Hi, I have to install an application that has a built in tftp server. Tftp comes in on port 69. As i am not installing this application as a root user i am running into trouble because only the root user can listen to ports < 1024. So changing the port i listen to to one greater than 1023 isn't... (1 Reply)
Discussion started by: imloaded24_7
1 Replies

10. UNIX for Dummies Questions & Answers

iptables: forwarding a port

I've been googling for a while now, trying to forward port 3000 to port 80.... In the past I used to DLink router to forward port 3000 to 80. I recently finished (well, is it ever done anyhow?) setting up my linux box and got it acting as a router. I want to continue to run Apache on port 80... (1 Reply)
Discussion started by: meeps
1 Replies
Login or Register to Ask a Question