| |
| |
| |
|
Page: 1 2 3 4 5
Comments:
<0> this machine?
<1> TheBeast: use a DNAT rule
<1> iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.0.0.2
<1> ***uming 10.0.0.2 is the second box
<0> danieldg I was sore you'll say that
<0> but lets ***ume I want to forward all the ports
<0> how should that be done?
<1> ok, just remove the -p tcp --dport 80
<0> s/sore/sure
<2> good morning
<3> Hi everybody. Dual-ip question: eth0 is $EXT, eth1 is $LAN, eth2 is $DMZ. I'd like to put a server into DMZ. It must be reached from outside with it's dedicated public IP. But if It has it's LAN address, I have to ***ign it's public ip to eth0 (ext.if).
<3> okay, I made eth0:win interface, up and running, all ok. but I cannot NAT the DMZ to this interface :/ iptables doesn't support ":,!"
<3> What can I do now? I know I can ***ign this windows server's public ip to eth1 also, but I would then need a 4th NIC (eth4) to nat it.
<3> on the other hand I don't think it's a good idea anyway, this other NAT-ed DMZ network's public address should be the virtual ip.
<3> if iptables would accept it. :) I'm not too much experienced in such things and routing, but perhaps you may help me with this, how to nat to a virtual public ip.
<4> hello
<4> how can I open this port (tcp and udp) 5087 ??
<5> iptables -A INPUT -p tcp,udp -dport 5087 -j ACCEPT should work?
<5> before the dropping ports, of course
<4> root@marvolo:/home/marvolo# iptables -A INPUT -p tcp -dport 5087 -j ACCEPT
<4> Bad argument `5087'
<4> Try `iptables -h' or 'iptables --help' for more information.
<4> :/
<5> lol, sorry, "--dport"
<5> one - missing
<4> oh yes
<4> root@marvolo:/home/marvolo# iptables -A INPUT -p tcp --dport 5087 -j ACCEPT
<4> root@marvolo:/home/marvolo# nmap 192.168.10.87 -p 5087
<4> Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2006-01-29 14:06 CET
<4> Interesting ports on marvolo.home (192.168.10.87):
<4> PORT STATE SERVICE
<4> 5087/tcp closed unknown
<4> :/
<5> before closing it ?
<5> you have to set that rule before closing ports
<4> this port is closes
<5> or, just try to add - I insted -A
<4> its the same
<6> -o eth1?
<4> No
<6> k
<4> I have wlan0 ;)
<5> I think you are setting this rule after you close all ports
<5> but I don't know much of it
<5> :-\
<4> ok, how can I close all ports?
<5> DROPing them
<4> O_o
<5> Sorry, you apply rules that drops all packages
<5> I ***ume you mean the Input ports, right?
<4> hmm... I want to have highid in amule
<4> but port 5087 is closes
<4> and I want to open it
<4> but I don't now how
<5> 1) how do you know it's closed 2) You have to forward them to an specified ip
<4> I have forward because on windows I have highid
<5> Step by Step
<4> what's does it mean ?
<5> Where do you have running iptables-based gateway/firewall ?
<4> I don't now :/
<5> it the pc you want to amule?
<5> LoL
<5> YOU don't know, and you suppose I do? XD
<5> Ok, let me guess
<5> You have a gateway, right? Is it a box or a pc?
<4> it's pc
<5> Good
<5> It a linux based, right?
<4> yes
<4> slackware
<5> Better than nothing :P
<5> Ok, you have iptables doing firewalling there?
<4> yes
<5> Ok, look there if you have any rule which says FORWARD
<5> If it's copypaste it on pastebin.com and bring the link here
<4> my admin forwards port 5087 on my ip
<5> are you sure?
<4> yes
<4> because on windows I have highid in emule
<4> but on linux not
<5> That could be a windoze bug on emule
<5> I heard of it
<4> no no
<5> Without forwarding firewall, having high id
<5> too crazy, but real
<4> and in azureus I have green face :)
<4> does azureus have a bug too?
<5> Ok, If you are sure, then you could try to set a tcp service hear on that port, and see if it's really open or not
<5> But, wait a second
<5> The rules you asked, where are you planning to put them?
<5> in slack box?
<4> dererk: see it
<4> root@marvolo:/# nmap 192.168.10.87 -p 5087
<4> Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2006-01-29 14:33 CET
<4> Interesting ports on marvolo.home (192.168.10.87):
<4> PORT STATE SERVICE
<4> 5087/tcp closed unknown
<4> 192.168.10.87 ==> it's my ip
<4> and I want to open it
<4> but I don't no how ?
<5> Do you have iptables in YOUR box to?
<4> yes
<5> Why?
<4> what why?
<5> O_o
<4> root@marvolo:/# iptables --version
<4> iptables v1.3.3
<4> root@marvolo:/#
<5> Do you have iptables in YOUR box to? <--- I mean running rules
<4> I don't now
<5> iptables -L && iptables -t nat -L <--- and PASTE THEM on pastebin.com
<5> then, bringh the link here
<4> how can I ok
<5> how can you what?
<5> paste them?
<4> wait one moment
<5> Using mouse... you have one, right :)
<5> ok
<4> www.hax0r.ovh.org/iptables
<4> www.hax0r.ovh.org/iptables2
<4> dererk: see?
<5> Marvolo_, yes, but the port it's not closed
<5> (seems not to)
<5> Marvolo_, do: iptables -F && iptables -F -t nat
<4> and what now?
<4> root@marvolo:/# iptables -F
<4> root@marvolo:/# iptables -F -t nat
<4> root@marvolo:/# iptables -F
<4> root@marvolo:/# iptables -F -t nat
<4> root@marvolo:/# nmap 192.168.10.87 -p 5087
<5> and RUN emule
<4> Starting nmap 3.93 ( http://www.insecure.org/nmap/ ) at 2006-01-29 14:42 CET
<7> dererk: You have failed to ask the key question: is he running the bloody client :P
<4> Interesting ports on marvolo.home (192.168.10.87):
<5> amule
<4> PORT STATE SERVICE
<4> 5087/tcp closed unknown
<5> ai2097, yes, I realise that
<5> ai2097, (at last)
<5> ai2097, that's why I put upcased "run" :-\
<4> its the same :/
<5> I'm not sure if amule runs in that port
<5> 1) I'm not sure if amule runs in that port
<7> netstat it.
<5> good idea
<4> ok
<5> Marvolo_, as ai2097 said, netstat it WITH your client running :-\
<7> nestat --inet -l
<4> look at this : www.hax0r.ovh.org/8.png
<5> did you netstat as ai2097 said?
Return to
#iptables
or
Go to some related
logs:
sql+all_packages
xorg.conf toshiba portege 3490
upload mailers
#web
a8n5x change to lba
gentoo bin login
ifconfig hw + SIOCSIFHWADDR: Invalid argument
39160 ubuntu adaptec
GetListOfResourceTypes
#centos
|
|