Coyote如何设置端口映射？

lzbnet

Coyote如何设置端口映射？我在Edit Advance Portforward Configuration中加入了auto Y tcp 21:21 192.168.2.3 但在外网Ping不通路由器的IP也登录不到FTP上。请教。

外来人

coyote最糟糕的就是没有文档，好不容易找到一个，原来是1.4版的，老掉牙了。
你那句好象应该在后面加dns三个字母吧。看coyote论坛上的：
The main difference between them (from the user's perspective) is that you can do things with "port" that you can't do with "auto", but "auto" is simpler to specify.

The "dns" parameter allows you to use the =external= IP address and domain name of (for example) your web server (e.g. 66.93.100.45 or www.mydomain.com) from your =internal= network. Without this, you'd have to use the internal IP address of the machine (e.g. 192.168.0.3) from your LAN, which is a nuisance (especially with virtual hosts).

How to set up port-forwarding depends a little on what services you're trying to make available, so without know that I can't be very specific in how to do it. If you're using Coyote 2.02 (made with either version 2.02 of the Linux scripts or 2.2.3 of the Windows wizard, new this week), there should be a list of sample rules under option 6 on the console menu. If you want to forward (for example) the HTTP port to a web server, remove the "#" that disables that line, change the IP address that's there to your server's internal address, Ctrl-S Ctrl-Q to get back to the menu, write the config to floppy, and reboot.

If you're using an earlier release of Coyote, I'd recommend downloading the latest; it's a little easier to work with (and also fixes a possible security flaw).

不过我些我还真没看懂：（我还是没搞明白auto和port有啥区别，dns也只知道加比不加好。

要不就用iptables自带的功能，嘿嘿，我就是这么搞定三网卡的。coyote好就好在用的iptables.

iptables -t nat -A PREROUTING -d 61.x.x.x -p tcp --dport 21 -j DNAT --to 192.168.2.3
iptables -t nat -A POSTROUTING -d 192.168.2.3 --dport 21 -j SNAT --to 192.168.2.1

如果这样还不行，把20端口也打开试试。
以上方法，并未测试，嘿嘿

lzbnet

IP地址后面已加DNS,但还是没法连接,PING外网IP也PING不通,另外,我是PPPoE连接的,该如何设置?请教

外来人

pppoe的？这个………55，俺还真不知道：（
外网ip coyote默认是不能ping的，怎么去我也没搞清，不过ping不通并不影响使用。

ydnss

其官方网站有完整的help文件，里面有关于端口映射的内容
现在摘录一下：http://www.coyotelinux.com/modules.php?name=Phorums&op=list&f=16，这是2.2.x的官方文档。
关于端口映射的有这样的问答：
Port Forwarding II
Author: Albert Stevens (---.quicknet.nl)
Date:   10-18-03 15:37

I'm using CL 2.x and I have set a rule like they show in the example of the portforward rules. But users are still unable to login.

The rule I created;

auto Y tcp 21:21 192.168.5.50

So, is the portforwards rule the only thing I have to change or is it that I have to change something else in for example de firewall.

Greetings,

Albert

回答：
It should be:

auto Y tcp 20:21 192.168.5.50

You need the ports 20 and 21.
但是我觉得用web进入管理页面更好，比分：192.168.0.1：8180
里面有portforwarding 选项，还有编辑页面，只不过我觉得这个映射不好，完全不如BBI直观好用！

外来人

我用coyote里的iptables象上面据说的那样映射80为内网的 www服务,结果这些机子都不能游览了,QQ和ping都是通的.我就把端口换成77,结果也不行.又把这个命令行改了n次,也不行.

高手救俺!
QQ 14139187

wenghbo

关注中。。。。

wintz

我已经成功，在Edit Auto-Port Forward Configuration File加入如下语句，其中192.168.0.5是我映射的IP地址。

auto Y tcp 20:21 192.168.0.5 dns
auto Y tcp 80 192.168.0.5 dns
auto Y tcp 5:5 192.168.0.5 dns

ydnss

不困难阿，我用2.2.3很容易映射成功的
autu y tcp 20:81 192.168.0.90
这样就OK了！

心想事成

在它的高级设置中，有两个类型的，一个是“auto",另一个是“port”，分别是什么意思？是一样的吗？
它举的例子是：
# Auto-Port Forward Configuration File
#
# This file contains entries in the following format:
#
# type active
#
# type = auto or port
#
# active = Y or N
#
# for "auto" rule =
#         protocol port desination [dns]
#
# protocol = TCP or UDP
# port = port or port range in the format of "start:end"
# destination = destination IP address
# dns = flag to create pre-post-route for lan to wan ip (optional)
#
# for "port" rule:
#         destination [internet_ip] [protocol [port1 [port2] [dns]]]
#
# destination = destination IP address
# internet_ip = internet IP address (optional)
# protocol = protocol name or number (optional)
# port1 = the port to forward (optional)
# port2 = the port to forward to (optional)
# dns = flag to create pre-post-route for lan to wan ip
# (optional when used with the above 3 options)
#
# A "#" at the 1st character in a line can be used to denote a comment
#

# Auto examples:
# FTP
# auto Y tcp 20:21 192.168.0.10 dns
# WWW
# auto Y tcp 80 192.168.0.10 dns
# SSL
# auto Y tcp 443 192.168.0.10 dns
#
# Port examples:
# Secondary FTP
# port Y 192.168.0.9 tcp 31 21 dns
# Secondary SSH
# port Y 192.168.0.9 tcp 32 22
有谁可以解释一下吗？

外来人

用iptables终于搞定端口映射了
原来要打开forward链

iamwhatiam

外来人同志，你是怎么搞定的啊，我刚才试着用coyote里提供的方法没搞成功啊，你说的forward链又具体是指的什么啊，急盼赐教！！！

nichie

我看过有关 coyote linux的FAQ文档
auto进行端口映射不改变端口号，如果内网的端口号是80，那映射在路由器上也是80，而port允许改变端口号，如果内网的端口号是80，那映身在路由器上可以改变其他的端口号如：8080
加上dns，按这份FAQ文件的意思，在内网客户端访问内网服务器上也允许使用域名，而不是我们直接通过使用的内网地址如192.168.0.8之类的来访问

#        for "auto", rule = protocol port desination [dns]
#            protocol = tcp or udp
#            port = port or port range in the format of "start:end"
#            destination = destination IP address
#            dns = flag to create pre-post-route for lan to wan ip (optional)
#        for "port", rule = destination [internet_ip] [protocol [port1 [port2] [dns]]]
#            destination = destination IP address
#            internet_ip = internet IP address (optional)
#            protocol = protocol name or number (optional)
#            port1 = the port to forward (optional)
#            port2 = the port to forward to (optional)
#            dns = flag to create pre-post-route for lan to wan ip

心想事成

谢谢