[Linux-ag] IPTABLES

---------


From: Ahmet Selman INANC (selmaninanc@ihlas.net.tr)
Date: Fri 08 Jul 2005 - 10:01:26 EEST


Hello;

My iptables rules are as shown below, but when I put them into effect the
clients' internet access stops working. What could I be doing wrong?

Eth0 = LAN
Eth1 = ADSL
Eth2 = LL

-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A INPUT -p ipv6-crypt -j ACCEPT
-A INPUT -p ipv6-auth -j ACCEPT
-A INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A INPUT -p udp -m udp --dport 631 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3128 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 445 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 3500 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited

-A PREROUTING -d 212.212.212.212 -p tcp -m tcp --dport 21 -j DNAT --to-destination 192.168.2.100:21
-A POSTROUTING -o eth1 -j MASQUERADE
-A POSTROUTING -o eth2 -j MASQUERADE
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A PREROUTING -p tcp -m tcp -i eth0 --dport 1863 -j REDIRECT --to-ports 3128

Ahmet Selman INANC
IT Specialist

_______________________________________________
Linux-ag mailing list
Linux-ag@liste.linux.org.tr
http://liste.linux.org.tr/mailman/listinfo/linux-ag



---------

This archive was generated by hypermail 2.1.2.