Hi again,

It seems that I have run into another problem.

These are my current iptables!

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
block      all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state NEW,RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            state NEW,RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
block      all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain block (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            state NEW
DROP       all  --  anywhere             anywhere

But every time I start my internet connection with /etc/init.d/net.eth1
start, it seems my rules are changed to this and I can't connect to
the internet!

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
LOG        udp  --  anywhere             anywhere            udp dpts:0:1023 LOG level warning
LOG        tcp  --  anywhere             anywhere            tcp dpts:0:1023 LOG level warning
DROP       udp  --  anywhere             anywhere            udp dpts:0:1023
DROP       tcp  --  anywhere             anywhere            tcp dpts:0:1023
LOG        tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN
DROP       icmp --  anywhere             anywhere            icmp echo-request

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain block (0 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            state NEW
DROP       all  --  anywhere             anywhere

What could be the problem here? Is the net init-script changing my
rules? I think I have removed shorewall completely, so there shouldn't
be any remaining files which could cause that behavior. Or are there
some remaining files from shorewall? When I invoke iptables save with
my generated rules and restart iptables, the rules are ok and I can
connect!

Thanks in advance!

Daniel
--
gentoo-user@gentoo.org mailing list
