Find the answer to your Linux question:
Page 3 of 3 FirstFirst 1 2 3
Results 21 to 29 of 29
e; iptables -t $table -L -n; echo; done nat Chain PREROUTING (policy ACCEPT) target prot opt source destination DROP all -- 192.168.0.0/16 0.0.0.0/0 DROP all -- 10.0.0.0/8 0.0.0.0/0 DROP all ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #21
    Just Joined!
    Join Date
    Mar 2003
    Posts
    20

    e; iptables -t $table -L -n; echo; done
    nat
    Chain PREROUTING (policy ACCEPT)
    target prot opt source destination
    DROP all -- 192.168.0.0/16 0.0.0.0/0
    DROP all -- 10.0.0.0/8 0.0.0.0/0
    DROP all -- 172.16.0.0/12 0.0.0.0/0

    Chain POSTROUTING (policy ACCEPT)
    target prot opt source destination
    MASQUERADE all -- 192.168.0.0/24 0.0.0.0/0

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination

    filter
    Chain INPUT (policy ACCEPT)
    target prot opt source destination

    Chain FORWARD (policy DROP)
    target prot opt source destination
    ACCEPT all -- 192.168.0.0/24 0.0.0.0/0
    ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABL
    ISHED
    ACCEPT all -- 0.0.0.0/0 192.168.0.0/24

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination

  2. #22
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    Quote Originally Posted by souldreamer
    DROP all -- 192.168.0.0/16 0.0.0.0/0
    DROP all -- 10.0.0.0/8 0.0.0.0/0
    DROP all -- 172.16.0.0/12 0.0.0.0/0
    That can't be right? Are you aware that it tells the kernel to drop all packets that should be routed?

  3. #23
    Just Joined!
    Join Date
    Mar 2003
    Posts
    20
    Well... I use a script from a friend of mine... I did't noticed that

  4. $spacer_open
    $spacer_close
  5. #24
    Just Joined!
    Join Date
    Mar 2003
    Posts
    20
    nat
    Chain PREROUTING (policy ACCEPT)
    target prot opt source destination
    ACCEPT all -- 192.168.0.0/16 0.0.0.0/0
    ACCEPT all -- 10.0.0.0/8 0.0.0.0/0
    ACCEPT all -- 172.16.0.0/12 0.0.0.0/0

    Chain POSTROUTING (policy ACCEPT)
    target prot opt source destination
    MASQUERADE all -- 192.168.0.0/24 0.0.0.0/0

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination

    filter
    Chain INPUT (policy ACCEPT)
    target prot opt source destination

    Chain FORWARD (policy DROP)
    target prot opt source destination
    ACCEPT all -- 192.168.0.0/24 0.0.0.0/0
    ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
    ACCEPT all -- 0.0.0.0/0 192.168.0.0/24

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination


    Is it right now?

  6. #25
    Just Joined!
    Join Date
    Mar 2003
    Posts
    20
    Whaaaaaaaaaaaaaahoooooooooooooooooo. It's working now!!! Thank you guys. I could not make
    it without your help!!!

  7. #26
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    If you're just going to set them to ACCEPT, you can just as well remove those rules, since that chain's default action is ACCEPT.
    Else, it's mainly correct, but maybe a little inappropriate; what kind of ISP do you have? Do your IP address change?

  8. #27
    Just Joined!
    Join Date
    Mar 2003
    Posts
    20
    I have a cable connection. The ip changes only when i make a clean install of the OS.

  9. #28
    Just Joined!
    Join Date
    Mar 2003
    Posts
    20
    One more question. This script only works with red hat. is there a toturial for this to other distros?

  10. #29
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    There are oh so many tutorials on iptables. The best documentation that I know of is that in the manpage, though.
    Since you have a relatively stable IP address, you should be using the SNAT target instead of MASQUERADE, but it's no big deal. SNAT is also described in the manpage.

Page 3 of 3 FirstFirst 1 2 3

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •