IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Linux Forum / why not vpn from the linux box?
Post #86,228
by boxley
3/6/03 6:17:43 PM
Reply
New why not vpn from the linux box?
will work for cash and other incentives [link|http://home.tampabay.rr.com/boxley/resume/Resume.html|skill set]

questions, help? [link|mailto:pappas@catholic.org|email pappas at catholic.org]
\ufffdOmni Gaul Delenda est!\ufffd Ceasar
Post #86,265
by folkert
Picture of folkert
3/6/03 8:16:48 PM
Reply
New Not really a good idea with IPCHAINS...
IPCHAINS really has sucky support for PORT forwarding...

Use IPTABLES... you can force it :)

Of course that means getting a 2.4.x kernel to be on the box.

Why you should probably use Debian Woody... or Sarge... :)
b4k4^2
[link|mailto:curley95@attbi.com|greg] - Grand-Master Artist in IT
[link|http://www.iwethey.org/ed_curry/|REMEMBER ED CURRY!]   [link|http://pascal.rockford.com:8888/SSK@kQMsmc74S0Tw3KHQiRQmDem0gAIPAgM/edcurry/1//|ED'S GHOST SPEAKS!]
[link|http://www.eweek.com/article2/0,3959,857673,00.asp|Writing on wall, Microsoft to develop apps for Linux by 2004]
Heimatland Geheime Staatspolizei reminds:
These [link|http://www.whitehouse.gov/pcipb/cyberspace_strategy.pdf|Civilian General Orders], please memorize them.
"Questions" will be asked at safety checkpoints.
Post #86,386
by Arkadiy
Picture of Arkadiy
3/7/03 8:15:50 AM
Reply
New IP Tables is the newest incarnation?
--

It made Ketchup!
Sweet Ketchup!
Put it on a hot dog, put it on a burger,
Put it on your sister and she'll holler blody murder!
Sweet Ketchup.

--Tom Paxton.
Post #86,409
by folkert
Picture of folkert
3/7/03 9:29:18 AM
Reply
New Yep... IPTABLES == IPCHAINS on Massive Steroids
You get three TYPES of tables each possible of doing CHAINS... plus you can apply them PRE-ROUTING or POST-ROUTING... AWESOME...

And... AND... it is tremendously more scalable... it is actually less processor intensive as well...

For IPTABLES, you can do SNAT, DNAT, plain-ole NAT, MASQUERADING, Virtual Address Forwarding, Port forwarding, Address Mapping... defaults can be used to be Open - Except or Closed - Except... it is Stateful (wonderful there) and even that can be turned off... logging has 7 settings (no logging to "OHMYGAWD my 1TiB LOG Volume is Full Already in 20 minutes" setting)

Overall it can make traffic do anything you REALLY want it to do.
b4k4^2
[link|mailto:curley95@attbi.com|greg] - Grand-Master Artist in IT
[link|http://www.iwethey.org/ed_curry/|REMEMBER ED CURRY!]   [link|http://pascal.rockford.com:8888/SSK@kQMsmc74S0Tw3KHQiRQmDem0gAIPAgM/edcurry/1//|ED'S GHOST SPEAKS!]
[link|http://www.eweek.com/article2/0,3959,857673,00.asp|Writing on wall, Microsoft to develop apps for Linux by 2004]
Heimatland Geheime Staatspolizei reminds:
These [link|http://www.whitehouse.gov/pcipb/cyberspace_strategy.pdf|Civilian General Orders], please memorize them.
"Questions" will be asked at safety checkpoints.
Post #86,385
by Arkadiy
Picture of Arkadiy
3/7/03 8:14:59 AM
Reply
New VPN client runs on the laptop, linux box is my firewall
--

It made Ketchup!
Sweet Ketchup!
Put it on a hot dog, put it on a burger,
Put it on your sister and she'll holler blody murder!
Sweet Ketchup.

--Tom Paxton.
     Linux ipchains firewall and VPN - (Arkadiy) - (9) - March 6, 2003, 06:13:53 PM EST
         why not vpn from the linux box? -NT - (boxley) - (4) - March 6, 2003, 06:17:43 PM EST
             Not really a good idea with IPCHAINS... - (folkert) - (2) - March 6, 2003, 08:16:48 PM EST
                 IP Tables is the newest incarnation? -NT - (Arkadiy) - (1) - March 7, 2003, 08:15:50 AM EST
                     Yep... IPTABLES == IPCHAINS on Massive Steroids - (folkert) - March 7, 2003, 09:29:18 AM EST
             VPN client runs on the laptop, linux box is my firewall -NT - (Arkadiy) - March 7, 2003, 08:14:59 AM EST
         Very similar to my setup. - (Brandioch) - (3) - March 7, 2003, 07:09:17 PM EST
             Re: Very similar to my setup. - (Arkadiy) - (2) - March 7, 2003, 08:53:43 PM EST
                 Whoops. Correction. - (Brandioch) - (1) - March 7, 2003, 11:34:26 PM EST
                     The restriction on source port is in server - (Arkadiy) - March 9, 2003, 12:01:52 AM EST

In the Land of Mordor where the Shadows lie.
65 ms