David Trask wrote:
>
> I've found part of the problem...I have a web server behind
> my e-smith box...unfortunately my E-smith box is listening on
> port 80 so I can't forward it through. Anyone know of a way
> to tell Apache to listen on another port in E-Smith version
> 5.6? I need a fix for this so my classes can access their
> web content. Thanks!
That really won't matter. If you are using the official portforwarding packages for 5.6, you'll have a PREROUTING chain like this:
Chain PREROUTING (policy ACCEPT 279K packets, 23M bytes)
pkts bytes target prot opt in out source destination
27221 1575K TransProxy tcp -- * * 0.0.0.0/0 0.0.0.0/0
tcp dpt:80
373K 27M PortForwarding all -- * * 0.0.0.0/0 0.0.0.0
/0
So, all traffic to port 80 is getting directed to Squid before it hits the PortForwarding chain. This is fixed in 6.0, but we have not back-ported it yet. The fix is simple.
> mkdir -p /etc/e-smith/templates-custom/etc/rc.d/init.d/masq
> cp /etc/e-smith/templates/etc/rc.d/init.d/masq/42SetupPortForwarding /etc/e-smith/templates-custom/etc/rc.d/init.d/masq
Edit that custom fragment, and change the line:
/sbin/iptables -t nat --append PREROUTING --jump PortForwarding
to
/sbin/iptables -t nat --insert PREROUTING --jump PortForwarding
This will ensure that the PortForwarding chain comes first. This has been tested in the field and it works.
Cheers,
Mike
3 Replies
362 Views