|
Hello,
I have made a firewall with iptables, works all,
except the ftp site.
If I try to connect a ftp
server on Internet I receive error of timeout!! also
programs type GETRIGHT do not work.
my rules:
# Generated by iptables-save v1.2.4 on Thu Feb 21 11:49:32 2002 *nat :PREROUTING ACCEPT [4071:405533] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [329:37900] -A PREROUTING -d 10.0.0.5 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.2:80 -A PREROUTING -d 10.0.0.5 -p tcp -m tcp --dport 5800 -j DNAT --to-destination 10.0.0.2:5800 -A PREROUTING -d 10.0.0.5 -p tcp -m tcp --dport 5900 -j DNAT --to-destination 10.0.0.2:5900 -A PREROUTING -d 10.0.0.5 -p tcp -m tcp --dport 40 -j DNAT --to-destination 10.0.0.2:40 -A PREROUTING -d 10.0.0.5 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.2:80 -A PREROUTING -d 10.0.0.5 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.2:80 -A POSTROUTING -j SNAT --to-source 10.0.0.5 -A POSTROUTING -j SNAT --to-source 10.0.0.254 COMMIT # Completed on Thu Feb 21 11:49:32 2002 # Generated by iptables-save v1.2.4 on Thu Feb 21 11:49:32 2002 *filter :INPUT ACCEPT [16194:3057582] :FORWARD ACCEPT [2296:908297] :OUTPUT ACCEPT [12362:2921702] :tcp_packets - [0:0] -A INPUT -p icmp -m icmp --icmp-type 8 -j DROP -A INPUT -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT COMMIT # Completed on Thu Feb 21 11:49:32 2002 ---------------------- echo 1 > /proc/sys/net/ipv4/ip_forward iptables-restore < /etc/iptables.rules modprobe ip_nat_ftp modprobe ip_conntrack modprobe ip_conntrack_ftp |
- iptables and smp kernel 2.4.2-2smp andre
- iptables and smp kernel 2.4.2-2smp Todd Anderson
- Re: iptables hard problem [help please] EtherMage
- Re: iptables hard problem [help please] andre
- Re: iptables hard problem [help please] EtherMage
- iptables -m mac problem Sebastien Coureau
- Re: iptables -m mac problem Patrick Schaaf
- Re: iptables hard problem [help please] andre
