<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML ><HEAD ><TITLE >Incoming services </TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK REL="HOME" TITLE="Linux IP Masquerade HOWTO" HREF="index.html"><LINK REL="UP" TITLE="Other IP Masquerade Issues and Software Support " HREF="ipmasq-support-portfw-and-stronger-rulesets.html"><LINK REL="PREVIOUS" TITLE="Problems with IP Masquerade " HREF="ipmasq-problems.html"><LINK REL="NEXT" TITLE="Supported Client Software and Other Setup Notes" HREF="supported-client-software.html"></HEAD ><BODY CLASS="SECT1" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >Linux IP Masquerade HOWTO</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="ipmasq-problems.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" >Chapter 6. Other IP Masquerade Issues and Software Support</TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="supported-client-software.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="SECT1" ><H1 CLASS="SECT1" ><A NAME="INCOMING-SERVICES" ></A >6.2. Incoming services</H1 ><P >By default, Linux IP Masquerading cannot handle incoming services at all but there are a few ways that would allow this.</P ><P >If you do not require high levels of security, then you can simply forward or redirect IP ports. There are various ways to perform this, though the most stable method is to use IPPORTFW. For more information, please see <A HREF="forwarders.html" >Section 6.7</A >. </P ><P >If you wish to have some level of authorization on incoming connections, then you will need to either configure TCP-wrappers or Xinetd to allow only specific IP addresses to pass. The TIS Firewall Toolkit is a good place to look for tools and information.</P ><P >More details on incoming security can be found in the <A HREF="http://www.ecst.csuchico.edu/~dranch/LINUX/index-linux.html#TrinityOS" TARGET="_top" >TrinityOS</A > document and at <A HREF="http://ipmasq.webhop.net" TARGET="_top" >IP Masquerade Resource</A >.</P ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="ipmasq-problems.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="supported-client-software.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >Problems with IP Masquerade</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="ipmasq-support-portfw-and-stronger-rulesets.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >Supported Client Software and Other Setup Notes</TD ></TR ></TABLE ></DIV ></BODY ></HTML >