Com isso, teu script teria que ficar assim: #NAT DE SERVIÇO iptables -t nat -A PREROUTING -p tcp -d $ETH1 --dport 8080 -j DNAT --to 192.168.0.1:80
Em 18 de março de 2010 08:03, Thiago Silveira de Oliveira <thiago...@ig.com.br> escreveu: > Funciona.........nesse caso vc pode até inventar portas.... > > 8080, 9090, 1010, e assim por diante..... > > [ ] , > > Thiago > > Em 17 de março de 2010 21:34, Lista Debian <alanbrawdeb...@gmail.com> > escreveu: >> >> Então thiago.. e se eu mudar para a porta 8080? >> >> >> >> Sera que funciona? >> >> >> >> De: Thiago Silveira de Oliveira [mailto:thiago...@ig.com.br] >> Enviada em: quarta-feira, 17 de março de 2010 20:10 >> Para: Catulo Hansen >> Cc: Lista Debian; debian-user-portuguese@lists.debian.org >> Assunto: Re: Acesso externo com no-ip >> >> >> >> Pessoal..... >> >> A telefonica bloqueia trafego entrante em conexoes ADSL HOME, ou seja as >> portas 21,25,80 e 110 sao bloqueadas justamente para o cidadão não fazer >> "servidor" com ele. >> >> [ ] , >> >> Thiago >> >> >> Em 17 de março de 2010 18:34, Catulo Hansen <catu...@gmail.com> escreveu: >> >> Tú tem que carregar os seguintes módulos no teu script: >> >> modprobe ip_tables >> modprobe iptable_nat >> modprobe ip_nat_ftp >> modprobe ip_conntrack_ftp >> >> Em 17 de março de 2010 17:18, Lista Debian <alanbrawdeb...@gmail.com> >> escreveu: >> > #Variavel >> > Coloquei essas linhas conforme vc falo mas parece que agora esta dando >> > erro >> > no iptables. Vou pegar as logs >> > >> > >> > >> > ETH1=`ifconfig eth1 |grep "inet end" |cut -d: -f2|cut -d" " -f2` >> > >> > #NAT DE SERVIÇO >> > iptables -t nat -A PREROUTING -p tcp -d $ETH1 --dport 80 -j DNAT --to >> > 192.168.0.1:80 >> > >> > >> > >> > >> > -----Mensagem original----- >> > De: Catulo Hansen [mailto:catu...@gmail.com] >> > Enviada em: quarta-feira, 17 de março de 2010 16:54 >> > Para: Lista Debian >> > Cc: debian-user-portuguese@lists.debian.org >> > Assunto: Re: Acesso externo com no-ip >> > >> > Adicione no seu script: >> > #Variavel >> > ETH1=`ifconfig eth1 |grep "inet end" |cut -d: -f2|cut -d" " -f2` >> > >> > #NAT DE SERVIÇO >> > iptables -t nat -A PREROUTING -p tcp -d $ETH1 --dport 80 -j DNAT --to >> > IPSERVIDORAPACHE:80 >> > >> > Em 17 de março de 2010 15:43, Lista Debian <alanbrawdeb...@gmail.com> >> > escreveu: >> >> Srs. Ainda sou leigo no assunto. Estou tentando configura o no –ip para >> >> acessa o meu apache.. o acesso interno funciona perfeitamente. >> >> http://bmxdebian.no-ip.biz ele até responde aos ping.. mas quando >> >> tendo >> > o >> >> acesso externo não vai nem responde aos pings.. >> >> >> >> >> >> >> >> Segue a baixo as configurações no meu iptables. >> >> >> >> >> >> >> >> OBS: eth0 => rede interna eth1=> mondem ADSL speedy >> >> >> >> >> >> >> >> >> >> >> >> #!bin/bash >> >> >> >> iptables -F >> >> >> >> iptables -F INPUT >> >> >> >> iptables -F OUTPUT >> >> >> >> iptables -F POSTROUTING -t nat >> >> >> >> iptables -F PREROUTING -t nat >> >> >> >> >> >> >> >> # echo 1 > /proc/sys/net/ipv4/ip_forward >> >> >> >> # iptables -P FORWARD ACCEPT >> >> >> >> # iptables -A POSTROUTING -t nat -s 192.168.0.0/24 -o eth1 -j >> >> MASQUERADE >> >> >> >> >> >> >> >> # PROXY TRANSTPARENTE >> >> >> >> echo 1 > /proc/sys/net/ipv4/ip_forward >> >> >> >> iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE >> >> >> >> iptables -t nat -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp >> >> --dport >> > 80 >> >> -j REDIRECT --to-port 3128 >> >> >> >> >> >> >> >> # Webmin >> >> >> >> iptables -A INPUT -t tcp --dport 10000 -j ACCEPT >> >> >> >> >> >> >> >> # Libera FTP >> >> >> >> iptables -t filter -A INPUT -i eth1 -p tcp -m multiport --dports 21,20 >> >> -j >> >> ACCEPT >> >> >> >> iptables -t filter -A INPUT -i eth1 -p udp -m multiport --sports 21,20 >> >> -j >> >> ACCEPT >> >> >> >> >> >> >> >> iptables -A INPUT -i lo -j ACCEPT >> >> >> >> iptables -A INPUT -i eth1 -j ACCEPT >> >> >> >> >> >> >> >> # Libera SSH >> >> >> >> iptables -A INPUT -p tcp --dport 22 -j ACCEPT >> >> >> >> >> >> >> >> >> >> >> >> # Port scanners ocultos >> >> >> >> iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit >> > --limit >> >> 1/s -j ACCEPT >> >> >> >> >> >> >> >> # Ping da morte >> >> >> >> iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit >> >> 1/s >> > -j >> >> ACCEPT >> >> >> >> >> >> >> >> >> > >> > >> > >> > -- >> > - >> > Atencionamente, >> > >> > Catulo Kruuse Hansen >> > Analista de Suporte >> > Procuradoria Geral do Estado do Ceará >> > catulohansen.blogspot.com >> > No virus found in this incoming message. >> > Checked by AVG - www.avg.com >> > Version: 8.5.436 / Virus Database: 271.1.1/2752 - Release Date: 03/17/10 >> > 07:33:00 >> > >> > >> >> >> >> -- >> - >> Atencionamente, >> >> Catulo Kruuse Hansen >> Analista de Suporte >> Procuradoria Geral do Estado do Ceará >> catulohansen.blogspot.com >> >> >> -- >> To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org >> with a subject of "unsubscribe". Trouble? Contact >> listmas...@lists.debian.org >> Archive: >> http://lists.debian.org/85da0e3a1003171434n539c2fe8xe186778d3aa43...@mail.gmail.com >> >> >> >> No virus found in this incoming message. >> Checked by AVG - www.avg.com >> Version: 8.5.436 / Virus Database: 271.1.1/2752 - Release Date: 03/17/10 >> 07:33:00 > -- - Atencionamente, Catulo Kruuse Hansen Analista de Suporte Procuradoria Geral do Estado do Ceará catulohansen.blogspot.com -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/85da0e3a1003180421x1a6b33cfj428224fcba52a...@mail.gmail.com