Best of Technical Support

Our experts answer your technical questions.
Configuring ipchains

Current setup: I'm running ipchains as a firewall and to proxy my other machine to the Web via DSL. This Linux firewall has two NIC cards: one with a public IP address, the other on my private 10.100.100 network. I have a web server on the private network ( How do I configure ipchains to redirect all web requests at my firewall to the web server on my internal network? —Mitchel Vernor,

You'll need to use a port forwarding tool (such as redir or ipmasqadm) to “redirect” all requests that try to connect to port 80 (assuming you are using the default port) of your firewall's address to the web server's address. redir is a user-space program that has some limitations, but works with older kernel versions. ipmasqadm (which I recommend) works with 2.2.x (some 2.1.x also) and it is kernel-based.

Assuming all other input, output and forward chains are present, you should simply add:

ipmasqadm portfw -f
ipmasqadm portfw -a -P tcp -L EXTERNAL_FIREWALL_IP 80
-R 80

to your startup script. —Mario de Mello Bittencourt Neto,

More information on port forwarding under kernel versions 2.2 and higher, including examples, can be found at —Chad Robinson,

If you don't have ipmasqadm on your system, you can find it here: You need at least kernel 2.2.x for this to work (although there are patches for 2.0.x), and your kernel must have IP: ipportfw masq support (EXPERIMENTAL), which is an option you can select only if you checked “Prompt for development and/or incomplete code/drivers” during configuration. —Marc Merlin,

PPP Networking

Can I have a PPP connection that supports TCP/IP using a null modem between Win98 and Linux boxes? Any one of the machines needs to dial up to the other. I am using Red Hat 5.2. —Kiran,

Yes, you can. I would set up the Win98 machine to “call” the Linux system by double-clicking on a dial-up connection. I prefer this way, since the Windows machine expects to “log in” to the remote system and the Linux box can provide that “login”. For this to work, you have to take care of the proper setup (pin out) of the serial cable that connects the machines together. Also, depending on the cable setup, it would be a good idea to tell the Windows machine, at the dialup port configuration setup, not to wait for the dial tone before dialing. The Linux box will not provide a dial tone. On the Linux side, you can create a new login ID with a password and configure it to have the PPP daemon as the login shell, instead of the usual bash. Also, you have to set up the serial port on the Linux box to provide the login automatically all the time. A good page that explains this in great detail is —Felipe E. Barousse,

Recovery after Partitioning

A friend who uses Debian 2.1 tried to install Red Hat 6.0 into another partition of his hard disk. The installation process of Red Hat has deleted the partition table of his hard drive. We need a way to recover some important files which are in the Debian partition. We can't access the partition. Can you explain some way to do it? —Alexis Serafin,

If you know exactly what the partition table looked like before the crash, you can simply write a new partition table that looks exactly like the old one, mount the old partitions and back up the data. If the install process was aborted immediately after the new partition table was written, this alone may solve the problem. If all else fails, try this: make a partition that includes the whole disk (say, /dev/hdb1), mount that and raw-copy the entire disk to a big file (on another disk) with something like:

dd if=/dev/hdb1 of=/bigdisk/ bs=512

Then, try to piece the files together using /bigdisk/ Personally, I've tried only the dd step, so there may be problems with this approach beyond the fact that stitching up the files manually is awfully difficult. Consider it a desperation strategy. I know it's never helpful to hear this after the disaster occurs, and please don't think I'm not sympathetic, but the best way to deal with problems like these is always prevention: keep backups, and print out critical information such as partition tables before you need it. This is the voice of bitter experience speaking. —Scott Maxwell,

While it is hard, you can look for the boot partition signature (55 AA at the end of the block, I believe) and locate the partitions on your disk. The above requires a disk editor, such as diskedit from Norton, and once you have the partition offsets, you can go to the partition table (first block of your disk, apply the partition table view and key in the numbers). Note that it's not trivial, and having another computer as a model to look at and copy from helps quite a bit. You can also try fixdisktable which automates this (only for primary partitions, though); it can be found at —Marc Merlin,