Ola Amigo.. esta dando erro no Iptables.. o que pode ser..
iptables -t nat -A PREROUTING -p tcp -d $ETH1 --dport 8080 -j DNAT --to 192.168.0.1:80 Bad argument `8080' Try `iptables -h' or 'iptables --help' for more information. Em 18 de março de 2010 13:49, Catulo Hansen <catu...@gmail.com> escreveu: > Não. O apache ainda vai ficar ouvindo na porta 80, quando a requisição > chegar na porta 8080 o teu firewall através da regra de NAT vai > redirecionar a requisição para porta 80 do apache. > > Em 18 de março de 2010 09:58, Lista Debian <alanbrawdeb...@gmail.com> > escreveu: >> Catulo Hansen.. me tira uma duvida.. >> Com esse scrip não vai ser necessário mudar o aquivo ports.conf do apache2? >> >> Abraço. >> >> Att: Alan >> >> -----Mensagem original----- >> De: Catulo Hansen [mailto:catu...@gmail.com] >> Enviada em: quinta-feira, 18 de março de 2010 08:22 >> Para: Thiago Silveira de Oliveira >> Cc: Lista Debian; debian-user-portuguese@lists.debian.org >> Assunto: Re: Acesso externo com no-ip >> >> Com isso, teu script teria que ficar assim: >> #NAT DE SERVIÇO >> iptables -t nat -A PREROUTING -p tcp -d $ETH1 --dport 8080 -j DNAT >> --to 192.168.0.1:80 >> >> Em 18 de março de 2010 08:03, Thiago Silveira de Oliveira >> <thiago...@ig.com.br> escreveu: >>> Funciona.........nesse caso vc pode até inventar portas.... >>> >>> 8080, 9090, 1010, e assim por diante..... >>> >>> [ ] , >>> >>> Thiago >>> >>> Em 17 de março de 2010 21:34, Lista Debian <alanbrawdeb...@gmail.com> >>> escreveu: >>>> >>>> Então thiago.. e se eu mudar para a porta 8080? >>>> >>>> >>>> >>>> Sera que funciona? >>>> >>>> >>>> >>>> De: Thiago Silveira de Oliveira [mailto:thiago...@ig.com.br] >>>> Enviada em: quarta-feira, 17 de março de 2010 20:10 >>>> Para: Catulo Hansen >>>> Cc: Lista Debian; debian-user-portuguese@lists.debian.org >>>> Assunto: Re: Acesso externo com no-ip >>>> >>>> >>>> >>>> Pessoal..... >>>> >>>> A telefonica bloqueia trafego entrante em conexoes ADSL HOME, ou seja as >>>> portas 21,25,80 e 110 sao bloqueadas justamente para o cidadão não fazer >>>> "servidor" com ele. >>>> >>>> [ ] , >>>> >>>> Thiago >>>> >>>> >>>> Em 17 de março de 2010 18:34, Catulo Hansen <catu...@gmail.com> escreveu: >>>> >>>> Tú tem que carregar os seguintes módulos no teu script: >>>> >>>> modprobe ip_tables >>>> modprobe iptable_nat >>>> modprobe ip_nat_ftp >>>> modprobe ip_conntrack_ftp >>>> >>>> Em 17 de março de 2010 17:18, Lista Debian <alanbrawdeb...@gmail.com> >>>> escreveu: >>>> > #Variavel >>>> > Coloquei essas linhas conforme vc falo mas parece que agora esta dando >>>> > erro >>>> > no iptables. Vou pegar as logs >>>> > >>>> > >>>> > >>>> > ETH1=`ifconfig eth1 |grep "inet end" |cut -d: -f2|cut -d" " -f2` >>>> > >>>> > #NAT DE SERVIÇO >>>> > iptables -t nat -A PREROUTING -p tcp -d $ETH1 --dport 80 -j DNAT --to >>>> > 192.168.0.1:80 >>>> > >>>> > >>>> > >>>> > >>>> > -----Mensagem original----- >>>> > De: Catulo Hansen [mailto:catu...@gmail.com] >>>> > Enviada em: quarta-feira, 17 de março de 2010 16:54 >>>> > Para: Lista Debian >>>> > Cc: debian-user-portuguese@lists.debian.org >>>> > Assunto: Re: Acesso externo com no-ip >>>> > >>>> > Adicione no seu script: >>>> > #Variavel >>>> > ETH1=`ifconfig eth1 |grep "inet end" |cut -d: -f2|cut -d" " -f2` >>>> > >>>> > #NAT DE SERVIÇO >>>> > iptables -t nat -A PREROUTING -p tcp -d $ETH1 --dport 80 -j DNAT --to >>>> > IPSERVIDORAPACHE:80 >>>> > >>>> > Em 17 de março de 2010 15:43, Lista Debian <alanbrawdeb...@gmail.com> >>>> > escreveu: >>>> >> Srs. Ainda sou leigo no assunto. Estou tentando configura o no –ip >> para >>>> >> acessa o meu apache.. o acesso interno funciona perfeitamente. >>>> >> http://bmxdebian.no-ip.biz ele até responde aos ping.. mas quando >>>> >> tendo >>>> > o >>>> >> acesso externo não vai nem responde aos pings.. >>>> >> >>>> >> >>>> >> >>>> >> Segue a baixo as configurações no meu iptables. >>>> >> >>>> >> >>>> >> >>>> >> OBS: eth0 => rede interna eth1=> mondem ADSL speedy >>>> >> >>>> >> >>>> >> >>>> >> >>>> >> >>>> >> #!bin/bash >>>> >> >>>> >> iptables -F >>>> >> >>>> >> iptables -F INPUT >>>> >> >>>> >> iptables -F OUTPUT >>>> >> >>>> >> iptables -F POSTROUTING -t nat >>>> >> >>>> >> iptables -F PREROUTING -t nat >>>> >> >>>> >> >>>> >> >>>> >> # echo 1 > /proc/sys/net/ipv4/ip_forward >>>> >> >>>> >> # iptables -P FORWARD ACCEPT >>>> >> >>>> >> # iptables -A POSTROUTING -t nat -s 192.168.0.0/24 -o eth1 -j >>>> >> MASQUERADE >>>> >> >>>> >> >>>> >> >>>> >> # PROXY TRANSTPARENTE >>>> >> >>>> >> echo 1 > /proc/sys/net/ipv4/ip_forward >>>> >> >>>> >> iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE >>>> >> >>>> >> iptables -t nat -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp >>>> >> --dport >>>> > 80 >>>> >> -j REDIRECT --to-port 3128 >>>> >> >>>> >> >>>> >> >>>> >> # Webmin >>>> >> >>>> >> iptables -A INPUT -t tcp --dport 10000 -j ACCEPT >>>> >> >>>> >> >>>> >> >>>> >> # Libera FTP >>>> >> >>>> >> iptables -t filter -A INPUT -i eth1 -p tcp -m multiport --dports 21,20 >>>> >> -j >>>> >> ACCEPT >>>> >> >>>> >> iptables -t filter -A INPUT -i eth1 -p udp -m multiport --sports 21,20 >>>> >> -j >>>> >> ACCEPT >>>> >> >>>> >> >>>> >> >>>> >> iptables -A INPUT -i lo -j ACCEPT >>>> >> >>>> >> iptables -A INPUT -i eth1 -j ACCEPT >>>> >> >>>> >> >>>> >> >>>> >> # Libera SSH >>>> >> >>>> >> iptables -A INPUT -p tcp --dport 22 -j ACCEPT >>>> >> >>>> >> >>>> >> >>>> >> >>>> >> >>>> >> # Port scanners ocultos >>>> >> >>>> >> iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit >>>> > --limit >>>> >> 1/s -j ACCEPT >>>> >> >>>> >> >>>> >> >>>> >> # Ping da morte >>>> >> >>>> >> iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit >>>> >> 1/s >>>> > -j >>>> >> ACCEPT >>>> >> >>>> >> >>>> >> >>>> >> >>>> > >>>> > >>>> > >>>> > -- >>>> > - >>>> > Atencionamente, >>>> > >>>> > Catulo Kruuse Hansen >>>> > Analista de Suporte >>>> > Procuradoria Geral do Estado do Ceará >>>> > catulohansen.blogspot.com >>>> > No virus found in this incoming message. >>>> > Checked by AVG - www.avg.com >>>> > Version: 8.5.436 / Virus Database: 271.1.1/2752 - Release Date: >> 03/17/10 >>>> > 07:33:00 >>>> > >>>> > >>>> >>>> >>>> >>>> -- >>>> - >>>> Atencionamente, >>>> >>>> Catulo Kruuse Hansen >>>> Analista de Suporte >>>> Procuradoria Geral do Estado do Ceará >>>> catulohansen.blogspot.com >>>> >>>> >>>> -- >>>> To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org >>>> with a subject of "unsubscribe". Trouble? Contact >>>> listmas...@lists.debian.org >>>> Archive: >>>> >> http://lists.debian.org/85da0e3a1003171434n539c2fe8xe186778d3aa43...@mail.gm >> ail.com >>>> >>>> >>>> >>>> No virus found in this incoming message. >>>> Checked by AVG - www.avg.com >>>> Version: 8.5.436 / Virus Database: 271.1.1/2752 - Release Date: 03/17/10 >>>> 07:33:00 >>> >> >> >> >> -- >> - >> Atencionamente, >> >> Catulo Kruuse Hansen >> Analista de Suporte >> Procuradoria Geral do Estado do Ceará >> catulohansen.blogspot.com >> No virus found in this incoming message. >> Checked by AVG - www.avg.com >> Version: 8.5.436 / Virus Database: 271.1.1/2754 - Release Date: 03/18/10 >> 07:33:00 >> >> > > > > -- > - > Atencionamente, > > Catulo Kruuse Hansen > Analista de Suporte > Procuradoria Geral do Estado do Ceará > catulohansen.blogspot.com > -- To UNSUBSCRIBE, email to debian-user-portuguese-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e0f50c841003192109x3925ec59x62e4e5c883fc7...@mail.gmail.com