Help with sf behind firewall.

[Geoff Shang]

Hi:

OK, am not quite sure what some of that means, but I'll give you my
suggestion.

Firstly, you only need to forward 2074 and 4074.  Forwarded ports are only
those that need to make it back to the internal host, and therefore only
need to be the ones that sfspeaker uses.  This might sound wrong to you,
but I've been behind a machine using the uredir program doing this and it
worked just fine.  So now I'll borrow a line I used to get buddyphone
working and modify it for your purposes.  I presume the IP you gave is your
internal machine.

ipmasqadm portfw -a -P udp -L `ipofif ppp0` 2074 -R 172.20.50.100 2074
ipmasqadm portfw -a -P udp -L `ipofif ppp0` 4074 -R 172.20.50.100 4074

OK, so what's the `ipofif ppp0` thing?  Well, ipofif is a debian script
that comes with the debian ipmasq package which gives the IP address of a
particular interface.  It's a pretty simple script and I include it below
for your interest and perusal.  Putting it in accents means that the output
of the script is to be used in the command line, pretty neat hey.  I don't
know if it actually needs to be there, but it doesn't hurt.

So this command simply says, forward this UDP port 2074 from the PPP0
interface to the internal machine on port 2074.  Pretty self explanatory.

I note that ipmasqadm uses different modules to get its jobs done, so the
autofw module may have different commandline options and thus might do (or
be close to doing) the above.  Then again, they might all use the same ones
in which case, it seems you were a bit off the mark.

Oh and consult the ipmasqadm man page as you need certain stuff compiled
into the kernel and it's all listed there which saves me trying to remember
it all.

Geoff.
Script follows:


#!/bin/sh
#
# ipofif	Determines the IP address of the interface given on the
#		commandline
#
# v1.0	19 July 1998
# v1.1  12 June 1999
#####

export LC_ALL="C"

/sbin/ifconfig $1 | grep 'inet addr:' | sed 's/.*inet addr:\([0-9.]*\).*/\1/g'