| |
| |
| |
|
Page: 1 2 3
Comments:
<0> How do i port forward udp port 689?
<0> Hm...
<1> is this a safe policy to use if i follow it up by individually allowing ssh ftp and http servers, if those are all i want accessible? iptables -I INPUT 1 -i ${WAN} -j REJECT
<1> or are there other ancillary daemons i have to open up in order for those to work?
<2> # /sbin/iptables-restore /etc/sysconfig/iptables
<2> iptables-restore: match `ipp2p' v1.3.1 (I'm v1.3.5).
<2> how do i resolve this?
<2> i need ipp2p that runs on 1.3.5?
<2> i just upgraded to fedora5
<3> hi
<4> Hi all... I have a DMZ and LAN going through an OpenWRT and I need to know how to allow all traffic to the DMZ from the LAN, but not vice-versa.
<4> DMZ=192.168.0.0/24 LAN=192.168.1.0/24
<4> DMZ=vlan2 LAN=br0
<5> hello anyone here?
<5> how can i slow down the bandwidth of a certain ipnumber
<6> hello, my ip address is 192.168.2.9 and subnetmask is 255.255.0.0 -> how can i know that the network range is 192.168.0.0 ? how can i easily calculate it?
<7> hi
<8> hello
<7> whats the command to allow port 25?
<9> i'm a newbie wanna run Squid as a transperent proxy, what should be my INPUT OUTPUT rules
<10> kohinoor: /topic
<10> norskfjord: $IPT -A INPUT -i <device> --dport 25 -j ACCEPT
<7> # iptables -A INPUT -i ppp0 --dport 25 -j ACCEPT
<7> iptables v1.2.11: Unknown arg `--dport'
<3> norskfjford --> use this --> iptables -A INPUT -i ppp0 -p tcp --dport 25 -j ACCEPT
<3> use tcp or udp
<3> kohinoor --> transparent proxy --> iptables -t nat -A PREROUTING -s 192.168.0.0/24 -j DNAT --to 202.xxx.xxx.xxx:8080
<3> kohinoor --> 192.168.0.0/24 --> is ur local
<3> and 202.xxx.xxx.xxx is ur proxy
<9> ndorotuan: i have flushed iptables will only this rule work? or need INPUT OUTPUT
<11> kernel: ip_conntrack: table full, dropping packet.
<11> Why does it get full?
<7> hmmm
<7> I dunno if it worked
<7> $ telnet delta9.0xf050.org 25
<7> Thrashbarg Trying 58.6.28.10...
<7> Thrashbarg telnet: Unable to connect to remote host: No route to host
<7> it's not working
<8> Trying 58.6.28.10...
<8> Connected to delta9.0xf050.org (58.6.28.10).
<8> Escape character is '^]'.
<8> 220 alphanode ESMTP Sendmail 8.13.4/8.13.4; Wed, 12 Apr 2006 19:35:05 +1000
<8> _E-bola: is there windows machines in the network?
<11> rza: yes
<8> they might be causing it
<11> by doing what?
<8> windows machines send out alot of carbage
<11> well unless it gets accepted to be send out (the iptables is on a the external fw) it shouldnt be an issue should it?
<8> connection tracking tracks those afaik
<8> but im not sure
<8> let me see your rules
<11> i knwo very little of connection tracking, but isnt it supposed to clean it self regularly?
<12> hi, i'm new to iptables and having great difficulty. All i want to do is be able to ftp to my ftp site without turing iptables off.. is this easy to do?
<8> psychotria: yes
<12> rza: do you know of a URL that might help? all the how-to's i seem to find go into more detail then I am after...
<8> psychotria: just use ip_conntrack_ftp module
<8> and allow related and established traffic
<12> i just stick that in my iptables config file?
<13> hello guys.. anything wrong with the following commands? ...
<13> iptables -A PREROUTING -t nat -i eth1 -p tcp --dport 80 -j DNAT --to 192.168.1.50:80
<13> iptables -A INPUT -p tcp -m state --state NEW --dport 80 -i eth1 -j ACCEPT
<13> id i miss something?
<13> did i miss something?
<8> what are you trying to do?
<7> when I change to adsl will I have to change all my iptables rules?
<8> norskfjord: no if you do them well
<7> good
<13> rza: i'm trying to port forward
<8> ewankusau: what is that INPUT doing there?
<13> rza: I'm actually a noob, i'm a bit confused with INPUT, OUTPUT, FORWARD, etc.
<13> i just copied it off a website
<8> read the url in topic
<13> actually i have a PvPGN server which is behind a linux router
<3> kohinoor -> u still online
<14> good morning
<3> hi robert
<9> ndorotuan: yeah i'm online
<3> hi
<3> u doesn't need flush iptables
<9> ndorotuan: ur given rule doesn't work
<3> just run that code from # sheel
<3> what the error
<9> actually my iptables and proxy is on same machine so that rule won't work
<3> ok ic
<3> can i know ur local and public ip address??
<9> but it's strange as i have flushed my iptables and added the rule as
<9> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128
<9> but it is not working
<3> eth0 is ethernet for local ip address
<3> ???
<9> ya the machine where i have iptables and proxy
<3> how many ethernet on ur machine?
<9> one only
<3> ic
<9> i generate request from another machine in LAN with default gateway as my machine (the eth0 one)
<9> but with browser setting proxy is running so i suppose the problem is with iptables only
<3> ur topologu like this --> LAN --> ur machine --> INTERNET
<3> ???
<9> ya
<3> so "machine" have 2 ethernet
<3> it;s true
<3> it's true??
<9> nope
<9> i have one ethernet connected to swith as others
<3> ur ip address???
<3> ca i know ur ip address kohinoor?
<9> 10.10.136.253 local
<3> public???
<3> ur local network???
<9> u can see that from right side
<9> see it
<3> ic
<3> 59.xxx.xxx.xxx
<3> ok
<9> yeah
<3> u have local network???
<9> ya
<3> it's "ur machine" same as "ur local network gateway" ??
<9> anything wrong with that
<9> ya when i test the transperent proxy
<3> so??? ur machine have ip address --> 10.10.136.253
<9> ya
<3> and ur local network gateway???
<9> 10.10.*.*
<9> i'm not that NEWBIE
<3> i c
<3> im sorry
<3> i need ur netmask, can i know it?
<9> what to do with that?
<3> it's ok if u not permit it
<3> ok, we said ur netmask is 255.255.255.0
<3> so ur rule must be on "r local network gateway" not "ur machine"
<9> ya
<9> whay so
<3> and ur rule is --> iptables -t nat -A PREROUTING -s 10.10.136.0/255.255.255.0 -j DNAT --to 10.10.136.253:8080
<3> 8080 is ur proxy port
<9> as i have connectivity to my lan'e gateway ya
<3> it's work???
<9> oh ya
<9> i think that was the mistake
<9> thanks
<3> sorry, it's take a long time
<9> as ppl play with i have to be stringent sometime
<3> may english is not so good
<9> so sorry n thanks
<3> so, kohinor where u come from?
<9> ndorotuan: but i set default gateway in test machine as mine
<9> so how can the test machine reach my Lan's default gateway
<3> kohinoor
<3> ???
Return to
#iptables
or
Go to some related
logs:
#physics
#gentoo
div-stretch javascript
how to setup dns server bind 9 using centos 4.3
#ubuntu
legacy power management api
ubuntu bcm4303
#math
gentoo wxwindows invalid atom
ubuntu quite splash
|
|