[Sussex] ipchains help please

[Derek Harding]

OK - excellent discussion but back to my problem. My thanks for all the comments and ideas - on my own site here at home I have what I perceive to be a better structure! However:

This is a "client" site - a secondary school who have been allocated a fixed IP from the ISP (RM) on a regional "private" network run by RM for the schools it serves. In addition, they have allocated five subnets to the school (10.18.200-203 plus another for admin). Instead of going for a different internal address scheme, they have used the 200 range for DMZ-facing interfaces and 201-203 for internal-facing and dhcp addresses.

Using SuSE is no problem although a dedicated fw/gateway was considered. I agree that iptables is easier, but if it aint broke ... and this server has run untroubled since 1999/2000.

So, I'm back to the original question. The school wishes to continue to use ipchains and to forward/redirect packets sent to 10.18.200.1:8080 on the outside to 10.18.203.69:8080 on the inside. It should only be a couple of lines I think, but am looking to this as a solution rather than using redir as a backwards proxy.

--
Best wishes,
Derek