| |
| |
| |
|
Page: 1 2 3 4
Comments:
<0> not sure, but try the list of commands I pasted
<0> they should first reset all the iptables rules, then set up 1 simple masquerading rule
<1> do i put that to the end of the script?
<0> nah, just paste it directly on the command line
<1> ok i think i cant paste heres no x.. but ill type it lol
<0> it's -F and -P ACCEPT for INPUT, FORWARD and OUTPUT
<0> and -F for -t nat POSTROUTING
<0> why can't you paste though ? no mouse ?
<1> ya
<1> whats the ! for?
<0> "not"
<0> -d ! 10.... means destination NOT 10....
<0> basicly, you don't need it, but I tend to add it just to make sure nobody reaches the inside of my net
<0> in theory, if you leave it out, the gateway you're hooked up to could contact machines inside your through your gateway.
<0> doh
<0> hooray for blind use of iptables scripts
<0> I dunno why those scripts allways try to do more than they need to
<2> i typed those and got disconnected
<0> err, you probably got disconnected between a -F and a -P
<1> i ran the script again so it fixed the situation
<0> the script first sets the default rules to DROP, then opens up again. by first doing -F, you flush the "open up again"-rules before you set the default policy (-P) to ACCEPT
<0> kinda slipped my mind...
<1> i slipped off.. :[ :]
<1> ill try to comment that firewall-**** out and try only the basic things which were in the proxy.htm page
<0> ah, yes
<0> the proxy.htm script looks nicer
<0> nicer/simpler
<1> k i take that directly with modifications specific to my network and try it
<1> lol my english
<1> test
<1> the script is now in memory
<1> problems persists :(
<1> and i cant ping .33 from this 10.0.0.1 (linux router)
<1> nor 192.168.1.1
<0> you won't be able to reach 192.168.1.x
<0> from1 0.x
<0> the router nat's those
<0> so you will actually have nat * 2
<3> OMG PONIES!!!!111
<0> PONY!
<1> my humour is running off with this issue.. :}
<0> paste me your iptables -L and iptables -t nat -L output
<0> your irc client should have some method of executing commands and outputing in a query / window
<0> (so you won't need that mouse)
<1> umm no idea how to do that.. i have irssi
<1> lets man irssi
<1> nothing there
<0> I took the liberty of telling you in a msg
<3> lol\r\n
<0> ....
<0> positron: the script didn't complain about missing nat table when you ran it ?
<1> theres a static route in the firewall-device which is set to 10.0.0.1 and i can still ping this 10.0.0.1 from .33
<1> no complains
<3> \ading\ading\ading\r\n\0
<1> the gateway for wan in the firewall-device is 10.0.0.1
<1> and gateway for .33 is 192.168.1.1
<0> yes, that seems correct, if the internal interface on the linux machine is 10.0.0.1
<0> that means the gateway has to have another 10.0.0.x ip
<1> yes
<3> you don't need a route if you're in the same subnet
<1> Kristian: another 10.0.0.x ?
<3> that's all the helping I can afford for the day.. gnite
<0> positron: any gateways has 1 ip for each "side" it exposes
<0> your 1wan-4lan router has 2 sides, the lan and the wan side
<1> yes
<1> RedACE: gnite
<0> the lan side is 192.168.1.1, the wan-side needs to sit on the same subnet (10.x.x.x) as the linux router
<0> but right now I would worry more about the problems with iptables -t nat -L
<1> yes i have statically set the wan address to 10.0.0.1 which is also the gateway
<0> if iptables -t nat -L fails, you have a big and/or weird problem
<0> ehm, so you have two 10.0.0.1 then
<0> bothy our gateways have 10.0.0.1
<1> mm..
<0> that's wrong....
<0> that might actually be the real problem
<1> what should be in the wan address if the gateway is set to 10.0.0.1.. in the firewall-device
<0> anything on the 10.0.0.0/24 subnet EXCEPT 10.0.0.1
<0> like 10.0.0.2
<1> ok i change it
<1> omg omg omg it ****ing works :D
<1> man thanks a lot of your time and patience!
<1> whoo
<0> hehe
<0> no problem
<0> ip conflict....
<1> yes now i can succesfully access the internet from 192.168.1.0/24
<0> didn't figure on that one
<1> via two gateways
<1> this also helped me understand little more about networks
<1> :)
<1> didnt figure that i actually ***ign an arbitary address to my firewall-device
<1> used to have it via dhcp
<1> .problemo solved.
<4> eveninggggggggg
<5> yo
<6> ello
<1> holla
<4> elloaoh
<4> '
<6> why doesn't Xsession use the resolution I set in the config :<
<4> it may use the lowest you set?
<4> you can ctrl alt +/- it
<6> hmm n1 :D
<6> let me try that ^
<6> ^^
<1> i ***ume that you set it to the 24bit color thingy
<1> if using 24bit
<6> nah set it to a lower bit
<6> Napta, does that work with KDE also?
<4> yuypp
<7> Good evening.
<6> hm cuz the Desktop Settings wizard just pops up, but the resolution is so ****ty that I can't see the whole window :p
<8> you can grab the window from any part when holding the left alt down
<6> :D
<6> tx
<4> bt-:D
<6> the ctrl+alt+-/+ thingie doesnt really work :p
<7> hi Napta ;)
Return to
#debian
or
Go to some related
logs:
#hardware
#politics
mixed chix
taril ha juj
#computers
#eggtcl
#windows
#stocks
#politics
blowcrypt tcl pubm
|
|