[tech] Firewall

Matt Johnston matt at ucc.asn.au
Thu Feb 1 14:14:48 WST 2007


On Thu, Feb 01, 2007 at 01:48:54PM +0900, Paul Marinceu wrote:
> Hi all,
> 
> So I was nmapping access.ucc.asn.au the other day and was quite surprised
> when it returned an endless list of open ports. Couple of questions:
> 
> - why is that so? (something to do with Bright's firewall or a UCC thing?)
> - if it's by design, then what's the purpose?

On madako (UCC's Linux router box):
    $IPTABLES -t nat -A PREROUTING -d 203.24.97.252 -i ! eth1 -p \
       tcp -j DNAT --to-destination 130.95.13.23:22

It's so that you can ssh to UCC on any port, which is useful
to get around pesky firewalls that only allow port 80 or 443
or whatever.

Matt
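
The rule quoted in the reply above, modelled as an added example (not part of the original message or of UCC's configuration): a small Python parser for the options that rule uses, applied to constructed packets, showing why a TCP scan of the address finds every port answering. The interface name eth0 and the sample port numbers are assumptions.

```python
import shlex

# Rule from the post, continuation joined and the $IPTABLES variable dropped.
RULE = ("-t nat -A PREROUTING -d 203.24.97.252 -i ! eth1 -p tcp "
        "-j DNAT --to-destination 130.95.13.23:22")
OPTS = {"-t": "table", "-A": "chain", "-d": "dst", "-i": "in_iface",
        "-p": "proto", "-j": "target", "--to-destination": "to"}

def parse_rule(text):
    """Parse the options used above; accepts '-i ! eth1' and '! -i eth1'."""
    tokens, rule, negate, i = shlex.split(text), {"negated": set()}, False, 0
    while i < len(tokens):
        if tokens[i] == "!":              # newer form: '! -i eth1'
            negate, i = True, i + 1
            continue
        if tokens[i] not in OPTS:
            raise ValueError(f"unsupported option: {tokens[i]}")
        key, i = OPTS[tokens[i]], i + 1
        if tokens[i] == "!":              # older form: '-i ! eth1'
            negate, i = True, i + 1
        rule[key] = tokens[i]
        if negate:
            rule["negated"].add(key)
        negate, i = False, i + 1
    return rule

def prerouting(rule, pkt):
    """Return the (ip, port) a packet is delivered to after this one rule."""
    def ok(key):
        return key not in rule or (rule[key] == pkt[key]) != (key in rule["negated"])
    if all(ok(k) for k in ("dst", "in_iface", "proto")):
        ip, port = rule["to"].rsplit(":", 1)
        return ip, int(port)
    return pkt["dst"], pkt["dport"]

# Constructed packets: interface name eth0 and the port numbers are assumptions.
SAMPLES = [
    {"dst": "203.24.97.252", "in_iface": "eth0", "proto": "tcp", "dport": 80},
    {"dst": "203.24.97.252", "in_iface": "eth0", "proto": "tcp", "dport": 8080},
    {"dst": "203.24.97.252", "in_iface": "eth1", "proto": "tcp", "dport": 80},
    {"dst": "203.24.97.252", "in_iface": "eth0", "proto": "udp", "dport": 53},
]

if __name__ == "__main__":
    rule = parse_rule(RULE)
    for pkt in SAMPLES:
        print(pkt, "->", prerouting(rule, pkt))
```

Because the rule matches on protocol but not on destination port, every TCP port on the address completes a handshake with the same sshd; packets arriving on eth1 and non-TCP traffic pass through unchanged.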

