RE: [Linux-ag] IPTABLES

koskay@cozumbilgisayar.com.tr

--
Kivanc Oskay
System Support Specialist
Cozum Bilgisayar Ltd.
>-----Original Message-----
>From: linux-ag-bounces@liste.linux.org.tr 
>[mailto:linux-ag-bounces@liste.linux.org.tr] On Behalf Of 
>Ahmet Selman INANC
>Sent: Friday, July 08, 2005 10:01 AM
>To: linux-ag@liste.linux.org.tr
>Subject: [Linux-ag] IPTABLES
>
>
>Merhaba;
>
>iptables kurallarim asagidaki gibi fakat bunu devreye alinca 
>clientlarin
>interneti calismiyor neyi yanlis yapiyor olabilir. ??
>
>Eth0 = LAN
>Eth1 = ADSL
>Eth2 = LL
>
>
>-A INPUT -i lo -j ACCEPT 
>-A INPUT -p icmp -m icmp --icmp-type any -j ACCEPT 
>-A INPUT -p ipv6-crypt -j ACCEPT 
>-A INPUT -p ipv6-auth -j ACCEPT 
>-A INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
>-A INPUT -p udp -m udp --dport 631 -j ACCEPT 
>-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
>-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT 
>-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT 
>-A INPUT -p tcp -m state --state NEW -m tcp --dport 21 -j ACCEPT 
>-A INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT 
>-A INPUT -p tcp -m state --state NEW -m tcp --dport 10000 -j ACCEPT
>-A INPUT -p tcp -m state --state NEW -m tcp --dport 3128 -j ACCEPT
>-A INPUT -p tcp -m state --state NEW -m tcp --dport 445 -j ACCEPT
>-A INPUT -p tcp -m state --state NEW -m tcp --dport 3500 -j ACCEPT
>-A INPUT -j REJECT --reject-with icmp-host-prohibited 
>
>
>-A PREROUTING -d 212.212.212.212 -p tcp -m tcp --dport 21 -j DNAT
>--to-destination 192.168.2.100:21
>-A POSTROUTING -o eth1 -j MASQUERADE 
>-A POSTROUTING -o eth2 -j MASQUERADE 
>-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT 
>--to-ports 3128 
>-A PREROUTING -p tcp -m tcp -i eth0 --dport 1863 -j REDIRECT 
>--to-ports 3128
>
>
>
>
>
>
>
>
>
>Ahmet Selman INANC
>IT Specialist
>
>