| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
Comments:
<0> i pronounce you...ed
<1> Ed Sweetman? you there?
<0> well
<0> night folks
<2> weirdos
<3> hiiii everyone
<2> strange... is the sshd on my laptop dead?
<2> apparently not
<4> OldMonk-, nope, I just haxxored your laptop
<2> re tsokolat
<5> re
<2> Ka-bar: hats off to you if you managed to get through 2 levels of NAT and multiple firewalls
<5> do re mi fa~~
<3> any iptables guru here? i need a little help :$
<6> you'll probably need to be a bit more specific.
<3> give me a second, let me copy the example ^^
<7> hi
<7> meh, udev is giving me 1terabyte of error messages on boot, and it isnt working of course =P
<7> using slackware
<7> ill get the messages in 1 sec
<8> What release of Slackware uses udev?
<7> 10.2 has it for when you install 2.6
<8> I doubt it.
<7> you doubt it? well, you can see the package list
<9> humm.. aparently a few months back, the US Army shipped us the wrong case...
<7> theres udev-64 (yeah, 64 =PP) on it
<8> Is there some reason in particular you think you need udev, or are you just the normal Slackware stupid?
<6> Strider: you the proud new owner of a stinger missile?
<9> siglite: not quite that bad
<9> siglite: our shipping guy opened it up to discover a grenade launcher, several carbines, and a dozen side-arms
<6> niiiiice
<9> ... in Canada
<9> the grenade launcher and the carbines are most definately illegal here. :P
<6> so what were you supposed to get?
<9> one of our satellite transmitters
<2> bwaahaahaa!
<6> lol, can you imagine the look on the armorer's face when he opened up his shipment of weapons to find that?
<8> yuriks: Well?
<9> I'm just imagining the call that was made to the RCMP
<9> "yeah, uh, we've got something that was accidentally shipped to us, we're not allowed to have, and we'd like you to take off our hands"
<6> some supply sgt. is now a pfc.
<7> mwilson: well, im going to ask elsewhere, thankyou =P
<9> siglite: hehe
<8> yuriks: In other words, you're the normal Slackware stupid.
<2> Strider: it's easy -- ``hey you, what's your rank?''
<9> OldMonk-: lol
<7> wow, what an *** hole op
<9> to know a major from a PFC from
<8> yuriks: These days, it's pretty much just the stupids that think they should be using Slackware.
<3> well, here again
<3> anyone with good skills with iptables?
<2> VixxEN314: what about it?
<2> VixxEN314: are you paying?
<8> VixxEN314: Same as you were told before, get specific.
<3> this is the thing:
<3> i got 3 pcs
<3> linux: linux box with 2 nics, eth0 connected to internet, eth1 to internal lan
<3> pc1: some pc behind the linux, and part of the lan
<3> pc2: same as pc1
<8> VixxEN314: You'll be getting to the point when, exactly?
<3> in linux box, i redirect the www 80 port to pc 1, this box is making NAT to the lan
<3> the redirect works great, the nat works great, and everything works great... but
<3> if, from pc2, i try to access to isp address:80 of linux box (eth0 address), i get the 80 port of linux box, not the of the pc1
<3> that is the problem
<2> VixxEN314: you have to setup another NAT rule for redirecting eth1:80 to pc1
<8> OM: Watch out... now he'll expect you to write it for him.
<2> mwilson: i have a paypal account!
<3> well, let's see... i will test it now OldMonk-
<2> VixxEN314: you can pay me now
<2> at least this one seems halfway clued
<3> du you accept lithuanian dollars?
<3> ^^
<2> sure, money's money
<10> :)
<3> well, lets see
<3> monk here is the line to redirect port
<2> VixxEN314: i don't want to see it
<3> iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.77.10:80
<3> c'mon, only a few seconds
<2> WTF is eth0 doing there?
<3> eth0 is the nic connected to internet
<10> aha!
<10> i know where the prob is
<3> so, i have to do... this?
<3> iptables -t nat -A PREROUTING -i eth2 -p tcp -d 192.168.77.1 --dport 80 -j DNAT --to 192.168.77.10:80
<2> PEBKAC?
<2> and WTF's an eth2?
<3> eth2 is the nic connected to lan
<10> you expect pc2 in the lan to p*** through eth0 and come back to eth1 out to pc1 ... it doesnt work that way
<2> that's not what you said earlier
<3> yes gnubee
<3> well, wtf i have to do to make this work in that way?
<2> VixxEN314: pay me large amounts of money
<10> iptables is not the solution
<2> gnubee: uh?
<10> im bidding with OldMonk-
<10> hahaha
<3> what is the solution? dns?
<3>
<10> OldMonk-, pc1 and pc2 are on the same lan ... it has no business routing the packets out of the lan
<2> gnubee: true, that
<3> well
<10> so no need for iptables
<2> however pc2 is sending requests out of the lan
<2> so the packets can be redirected
<3> gnubee, i got a software, that needs to connect itself over wan ip address
<10> OldMonk-, yes but there is an easier solution :)
<3> that is the point
<2> VixxEN314: what address/domain is pc2 trying to connect to?
<10> OldMonk-, dont give him the clue without the payment
<10> >:)
<2> gnubee: i'm undercutting you and stealing your market :)
<3> wanip:80
<10> OldMonk-, this is not good business
<10> hint: split dns
<2> it's good, just not ethical
<2> VixxEN314: so the http requests from pc2 are hitting the linux router box?
<3> yes
<2> VixxEN314: then what i told you should work, and ignore gnubee he doesn't have a clue
<10> hahaha
<3> ok but, is that rule ok?
<3> iptables -t nat -A PREROUTING -i eth2 -p tcp -d 192.168.77.1 --dport 80 -j DNAT --to 192.168.77.10:80
<2> i guess so
<10> VixxEN314, my solution will cost you half the number of hops
<2> gnubee: you're going to give him a split dns solution, right?
<10> OldMonk-, yeah ... straight to pc1
<2> hehheh
<3> oldmonk
<3> and gnubee
<3> the thing, is that the software, doesn't connect over DNS NAMES,... it connects itselfs over IP address
<10> going once
<10> what stupid software doesnt accept fqdn?
<3> nice question
<3> that is the problem, i NEED to make it work in that way
<10> code it better this time
<2> ah, the problem is that pc1 will try to send packets back directly to pc2, breaking the NAT
<3> how iptables REDIRECT works?
<2> VixxEN314: you need to SNAT those packets too
<3> yes!! that is the problem oldmonk!
<3> could you give me an example plis?
<2> VixxEN314: you can definitely pay me now
<2> VixxEN314: uh, just SNAT them
<3> ok i'm signing the chek
<3> now i'm putting in a bottle...
<2> bwaahaahaa!
<3> now i throw it to the river
Return to
#linux
or
Go to some related
logs:
#MissKitten
#ubuntu
�4What was the name of the book and film about a boy who kept and trained rats�
#linux
#MissKitten
ionix undernet
globalvariable.cpp
#mirc
unix and linux the same
#linux
|
|