On Thu, 2003-01-09 at 19:26, Dharmendra.T wrote: > On Thu, 2003-01-09 at 11:46, mdew wrote: > > On Thu, 2003-01-09 at 17:55, Dharmendra.T wrote: > > > On Thu, 2003-01-09 at 08:11, mdew wrote: > > > > On Thu, 2003-01-09 at 03:24, Rob Sterenborg wrote: > > > > > > ok, telnet from another machine to the router. > > > > > > > > > > > > telnet 10.0.0.6 4662 > > > > > > Trying 10.0.0.6... > > > > > > telnet: Unable to connect to remote host: Connection refused > > > > > > > > > > > > what "service" should I be running? I simply want 4662 open both ways. > > > > > > > > > > # netstat -an|grep 4662 > > > > > should tell you if your box is listening at all on port 4662. > > > > > > > > > > If you run eDonkey server on the firewall box, open port in the INPUT > > > > > chain. > > > > > If your eDonkey server is *behind* the firewall, open the port in the > > > > > FORWARD chain, and add a DNAT rule in the nat table -> PREROUTING chain. > > > > > > > > the edonkey server is behind the firewall > > > > > > > > 210.54.175.12--->eth0 (Router) 10.0.0.6(eth1)--->10.0.0.x > > > > > > > > iptables -t nat -A PREROUTING -p tcp -i eth0 -d 210.54.175.12 --dport 4662 -j DNAT --to 10.0.0.6:4662 > > > > > > > > > > This should work without the last rule. > > > > > > iptables -A FORWARD -p tcp -i eth0 -d 10.0.0.6 --dport 4662 -j ACCEPT > > > > > > > > like that? > > > > the router isnt picking this up.. > > > > mdew:~# iptables -t nat -A PREROUTING -p tcp -i eth0 -d 210.54.175.12 > > --dport 4662 -j DNAT --to 10.0.0.6:4662 > > mdew:~# iptables -A FORWARD -p tcp -i eth0 -d 10.0.0.6 --dport 4662 -j > > ACCEPT > > mdew:~# netstat -an|grep 4662 > > mdew:~# > > > > mdew@nirvana:~$ nmap 10.0.0.6 > > > > Starting nmap V. 3.10ALPHA4 ( www.insecure.org/nmap/ ) > > Interesting ports on debian (10.0.0.6): > > (The 1598 ports scanned but not shown below are in state: closed) > > Port State Service > > 22/tcp open ssh > > 25/tcp open smtp > > 110/tcp open pop-3 > > 113/tcp open auth > > 135/tcp filtered loc-srv > > 139/tcp filtered netbios-ssn > > 8080/tcp open http-proxy > > > > Nmap run completed -- 1 IP address (1 host up) scanned in 2.545 seconds > > > > > > > As said you are not running any service on that port so the port is not > listening, Try the rules by listening a port using nc(netcat) > > # nc -l -p 4662 > > And then run nmap. You should get listed this port! > > -- > Dharmendra.T > Linux Enthu mdew:~# nc -l -p 4662 ãP<H¹ogÝT'b´\Y6▒http://emule-project.net<6Ñ~ÖEmdew:~# (some strange characters, then it quits) mdew:~# netstat -an|grep 4662 mdew:~# nirvana:/home/mdew# nmap 10.0.0.6 Starting nmap V. 3.10ALPHA4 ( www.insecure.org/nmap/ ) Interesting ports on debian (10.0.0.6): (The 1591 ports scanned but not shown below are in state: closed) Port State Service 22/tcp open ssh 25/tcp open smtp 110/tcp open pop-3 111/tcp filtered sunrpc 113/tcp open auth 135/tcp filtered loc-srv 136/tcp filtered profile 137/tcp filtered netbios-ns 138/tcp filtered netbios-dgm 139/tcp filtered netbios-ssn 199/tcp filtered smux 826/tcp filtered unknown 953/tcp filtered rndc 8080/tcp open http-proxy