Ola, Alguem sabe pq apresenta esta mensagem Jan 13 10:56:42 MailServer kernel: host 10.0.0.4/if3 ignores redirects for 10.0.0.9 to 10.0.0.9.
Utilizo o seguinte /sbin/depmod -a /sbin/modprobe ip_tables /sbin/modprobe ip_conntrack /sbin/modprobe ip_conntrack_ftp /sbin/modprobe iptable_nat /sbin/modprobe iptable_filter /sbin/modprobe ip_nat_ftp /sbin/modprobe ipt_REJECT echo 1 > /proc/sys/net/ipv4/ip_forward echo "1024 65535" > /proc/sys/net/ipv4/ip_local_port_range echo 1 > /proc/sys/net/ipv4/icmp_echoreply_rate echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses echo 0 > /proc/sys/net/ipv4/tcp_sack echo 1 > /proc/sys/net/ipv4/tcp_syncookies echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout echo 0 > /proc/sys/net/ipv4/tcp_window_scaling echo 2400 > /proc/sys/net/ipv4/tcp_keepalive_time echo 2 > /proc/sys/net/ipv4/conf/all/rp_filter echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route echo 0 > /proc/sys/net/ipv4/tcp_timestamps echo 1 > /proc/sys/net/ipv4/conf/all/log_martians echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects # Apaga Tudo iptables -F iptables -t nat -F iptables -P INPUT DROP iptables -P OUTPUT ACCEPT iptables -P FORWARD DROP # Inicia Regras iptables -A FORWARD -p icmp --icmp-type echo-request -j DROP iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT iptables -A FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT iptables -t nat -A PREROUTING -i eth0 -j DNAT --to 10.0.0.9 iptables -t nat -A PREROUTING -i eth1 -j DNAT --to 10.0.0.9 iptables -A INPUT -s $Redelocal -i eth0 -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -s $Redelocal -j ACCEPT iptables -A FORWARD -p tcp --dport 21 -j ACCEPT #Porta de FTP iptables -A FORWARD -p tcp --dport 25 -j ACCEPT #Porta de SMTP iptables -A FORWARD -p tcp --dport 80 -j ACCEPT #Porta de http iptables -A FORWARD -p tcp --dport 110 -j ACCEPT #Porta POP3 iptables -A FORWARD -p tcp --dport 1080 -j ACCEPT #PortaICQ/Messenger iptables -A FORWARD -p udp --dport 1080 -j ACCEPT iptables -A FORWARD -p tcp --dport 3128 -j ACCEPT #WWWProxy iptables -A FORWARD -p udp --dport 3128 -j ACCEPT iptables -A FORWARD -p tcp --sport 21 -j ACCEPT #Porta de FTP iptables -A FORWARD -p tcp --sport 25 -j ACCEPT #Porta de SMTP iptables -A FORWARD -p tcp --sport 80 -j ACCEPT #Porta de http iptables -A FORWARD -p tcp --sport 110 -j ACCEPT #Porta POP3 iptables -A FORWARD -p tcp --sport 1080 -j ACCEPT #PortaICQ/Messenger iptables -A FORWARD -p udp --sport 1080 -j ACCEPT iptables -A FORWARD -p tcp --sport 3128 -j ACCEPT #WWWProxy iptables -A FORWARD -p udp --sport 3128 -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -s 127.0.0.1/24 -j ACCEPT iptables -A INPUT -p tcp --dport 21 -j ACCEPT iptables -A INPUT -p udp --dport 21 -j ACCEPT iptables -A INPUT -p tcp --dport 25 -j ACCEPT iptables -A INPUT -p udp --dport 25 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT iptables -A INPUT -p udp --dport 80 -j ACCEPT iptables -A INPUT -p tcp --dport 110 -j ACCEPT iptables -A INPUT -p udp --dport 110 -j ACCEPT iptables -A INPUT -p tcp --dport 1080 -j ACCEPT iptables -A INPUT -p udp --dport 1080 -j ACCEPT iptables -A INPUT -p tcp --dport 3128 -j ACCEPT iptables -A INPUT -p udp --dport 3128 -j ACCEPT iptables -A INPUT -i eth0 -p tcp --dport 21 -j LOG --log-prefix "FIREWALL - ftp: " iptables -A INPUT -i eth0 -p tcp --dport 25 -j LOG --log-prefix "FIREWALL - smtp: " iptables -A INPUT -i eth0 -p udp --dport 53 -j LOG --log-prefix "FIREWALL - dns: " iptables -A INPUT -i eth0 -p tcp --dport 80 -j LOG --log-prefix "FIREWALL - http: " iptables -A INPUT -i eth0 -p tcp --dport 110 -j LOG --log-prefix "FIREWALL - pop3: " Certos de sua habitual acolhida, firmamos gratos Atenciosamente, Rog�rio A. Tortosa Consultor TI Pr�-Data System�s Softwares & Servi�os Ltda. Phone / Fax: +55 11 4227-1200 ICQ n�: 170670672 E-mail:[EMAIL PROTECTED] http://www.prodatasystems.com.br Assinantes em 13/01/2003: 2249 Mensagens recebidas desde 07/01/1999: 196752 Historico e [des]cadastramento: http://linux-br.conectiva.com.br Assuntos administrativos e problemas com a lista: mailto:[EMAIL PROTECTED]
