[Firewall] Remapping local ports

Philip Prindeville philipp_subx at redfish-solutions.com
Thu Jul 24 15:09:38 MDT 2008

I was wondering what would be involved in doing the following:

I want to take a port (X) and relocate it to another (X') and block X 
externally, but allow X'.

Can we do something like:


block port X on external interface
if a packet comes in on port X', jump to another chain (EXT_REMAP)
accept port X

dnat port X' to port X

In other words, we won't allow connections directly to X to come in from 
the outside, but we will allow connections to a service running locally 
that is point to port X to be connected to on a remapped port...


More information about the Firewall mailing list