Kalau saya pakai script ini, saya tidak bisa konek ke https ataupun port-port lain. Harusnya kan di-forward. Kira-kira apanya yang salah?

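# Router/firewall rules: default-deny INPUT and FORWARD, masquerade LAN traffic
# out of three internet interfaces, and send LAN web traffic to a local Squid.
# INTERNET1..3, LAN_IN and SQUID_PORT are not defined in this part of the
# script and must be set before it runs.

# Destination ports LAN clients may reach on the internet through this router.
# NOTE(review): 53 (DNS) is not listed, so LAN clients can only resolve names
# through a resolver on this host (all LAN input is accepted below) - confirm.
PORT_FORWARD='123 443 25 110 995 143 22 21 20 194 5050 6667 3142'
# internet port in, local network always allow
# (in this part of the script only the disabled INPUT loop below uses it)
PORT_IN='123 443 10000 25 110 995 143 22 21 20 5050 6667 3142'

# Stop before any policy is changed if a required variable is missing: a
# half-applied rule set on top of DROP policies would cut the host off.
: "${INTERNET1:?INTERNET1 is not set}"
: "${INTERNET2:?INTERNET2 is not set}"
: "${INTERNET3:?INTERNET3 is not set}"
: "${LAN_IN:?LAN_IN is not set}"
: "${SQUID_PORT:?SQUID_PORT is not set}"

# Setting default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

# Unlimited access to loop back
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# Accept replies to connections this host itself opened (DNS answers, passive
# FTP data, ...). This covers INPUT only; forwarded traffic is handled below.
iptables -A INPUT -i "$INTERNET1" -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i "$INTERNET2" -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i "$INTERNET3" -m state --state ESTABLISHED,RELATED -j ACCEPT

# set this system as a router for Rest of LAN
iptables -t nat -A POSTROUTING -o "$INTERNET1" -j MASQUERADE
iptables -t nat -A POSTROUTING -o "$INTERNET2" -j MASQUERADE
iptables -t nat -A POSTROUTING -o "$INTERNET3" -j MASQUERADE

# The LAN side is trusted: everything it sends to this host is accepted.
iptables -A INPUT -i "$LAN_IN" -j ACCEPT

# FORWARD RULES
# Replies to forwarded connections arrive on an internet interface with the
# service port as their *source* port, so the per-port rules below never match
# them. Without this rule the FORWARD DROP policy discards every reply and no
# forwarded connection (https included) can complete.
# NOTE(review): RELATED only covers passive-FTP data channels if the conntrack
# FTP helper is loaded - confirm on the target kernel.
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# $PORT_FORWARD is left unquoted on purpose: it is a space-separated list.
for PORT in $PORT_FORWARD; do
  iptables -A FORWARD -i "$LAN_IN" -p tcp --dport "$PORT" -j ACCEPT
  iptables -A FORWARD -i "$LAN_IN" -p udp --dport "$PORT" -j ACCEPT
done

# IN RULES FOR LOCAL
# Kept disabled. It matches on the *source* port, which the remote side
# chooses, so enabling it would admit traffic to any local port from a peer
# that uses one of these source ports; the ESTABLISHED,RELATED rules above
# already admit the legitimate replies.
#for PORT in $PORT_IN; do
#  iptables -A INPUT -i $INTERNET -p tcp --sport $PORT -j ACCEPT
#done
# Allow forward to modem from dserver only, drop others

# Allow all output through internet interface
# (redundant while the OUTPUT policy is ACCEPT; kept so the rules survive a
# later change of that policy)
iptables -A OUTPUT -o "$INTERNET1" -j ACCEPT
iptables -A OUTPUT -o "$INTERNET2" -j ACCEPT
iptables -A OUTPUT -o "$INTERNET3" -j ACCEPT

# Allow ping from all interfaces
# NOTE(review): this accepts every ICMP type, not only echo-request; consider
# narrowing the internet-facing rules with --icmp-type echo-request.
iptables -A INPUT -i "$LAN_IN" -p ICMP -j ACCEPT
iptables -A INPUT -i "$INTERNET1" -p ICMP -j ACCEPT
iptables -A INPUT -i "$INTERNET2" -p ICMP -j ACCEPT
iptables -A INPUT -i "$INTERNET3" -p ICMP -j ACCEPT

# Transparent proxy: LAN web traffic (80, 8080) is redirected to the local
# Squid. 443 is not redirected, so https relies on the FORWARD rules above.
iptables -t nat -A PREROUTING -i "$LAN_IN" -p tcp --dport 80 -j REDIRECT --to-port "$SQUID_PORT"
iptables -t nat -A PREROUTING -i "$LAN_IN" -p tcp --dport 8080 -j REDIRECT --to-port "$SQUID_PORT"

iptables -A OUTPUT -o "$LAN_IN" -j ACCEPT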
