On Sun, 05 Dec 2004 17:00:27 -0500, Max Khitrov <mkhitrov at umd dot edu> wrote:
> How would all my servers be accessible from the outside if many ports
> aren't forwarded? I'll have a bunch of services running like mail, http,
> ftp, ssh, vnc, and a number of others.
Open 25, 80, 21, 22, and 5900. FTP will be more difficult than the
rest, see this. http://wiki.m0n0.ch/wikka.php?wakka=PassiveFTP
Yeah it'll require a few inbound NAT rules.
> In either case, this just seems to be like an easy thing to do, so maybe
> a feature for the next release? Basically in NAT forwarding create an
> ability to specify if a port is not forwarded to any specific host, then
> in should go to the default one. Just a thought...
What's the point of a firewall if you're going to open all the ports
unconditionally? You have nothing more than a NAT box at that point.
That's a really bad idea, but you could use inbound NAT with ranges to
accomplish that now.