[ale] new to IPTABLES
- Subject: [ale] new to IPTABLES
- From: dean777 at bellsouth.net (Dean)
- Date: Sat, 12 Jan 2002 02:32:44 -0500

Here is the actual script I'm using. The port forwarding is not working. See anything wrong?

Thanks to all you late nighters..... Dean

#
# this script is stored in a file called "build-firewall"
# execute this script from /etc/rc.d/rc.local, i.e.,
# place the command "/root/build-firewall" near the end of rc.local
#
#Enable forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
#
#Accept Policies
#
/sbin/iptables --policy FORWARD ACCEPT
/sbin/iptables -t nat --policy PREROUTING ACCEPT
#
#Accept Telnet on Firewall for testing port Forwarding
/sbin/iptables -A INPUT -s 0/0 -p tcp --dport 23:23 -j ACCEPT
/sbin/iptables -A INPUT -s 0/0 -p tcp --sport 23:23 -j ACCEPT
#
#Enable Port forwarding
/sbin/iptables -t nat --policy PREROUTING ACCEPT
--sport 1024:65535 -d 66.100.100.111 --dport 23 \
-j DNAT --to-destination 10.100.15.5
#
# forward telnet through the firewall
/sbin/iptables -A FORWARD -i eth0 -o hme0 -p tcp \
--sport 1024:65535 -d 10.100.15.5 --dport 23 \
-m state --state NEW -j ACCEPT
#
#Establish connectivity
/sbin/iptables -A FORWARD -i hme0 -o eth0 \
-m state --state ESTABLISHED,RELATED -j ACCEPT
#
/sbin/iptables -A FORWARD -i eth0 -o hme0 \
-m state --state ESTABLISHED,RELATED -j ACCEPT
#
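
An added example, not part of the original post or a reply from the list: a small lint for the script above. In the "Enable Port forwarding" stanza the first line is a complete `--policy` command with no trailing backslash, so the shell runs the `--sport` line as a separate command and no DNAT rule is installed. The function names and the rule in `fixed_stanza` (`-A PREROUTING -i eth0 -p tcp`) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# lint_fw: read a firewall script on stdin, join backslash continuations,
# and report rule lines that the shell or iptables cannot act on as written.
lint_fw() {
    awk '
    {
        line = line $0
        if (line ~ /\\$/) { sub(/\\$/, " ", line); next }  # continued line
        cmd = line; line = ""
        sub(/^[ \t]+/, "", cmd)
        if (cmd == "" || cmd ~ /^#/) next
        if (cmd ~ /^-/) {
            print NR ": option line run as a command (previous line lacks a trailing backslash)"
            bad = 1; next
        }
        if (cmd !~ /iptables/) next
        if (cmd ~ /(--policy|-P)[ \t]/ && cmd ~ /-j[ \t]/) {
            print NR ": --policy sets a chain default and cannot carry -j or matches; use -A"
            bad = 1
        }
        if (cmd ~ /--[sd]port/ && cmd !~ /-p[ \t]+(tcp|udp)/) {
            print NR ": --sport/--dport need -p tcp or -p udp in the same rule"
            bad = 1
        }
    }
    END { exit bad + 0 }
    '
}

# The stanza exactly as posted.
page_stanza() {
cat <<'EOF'
/sbin/iptables -t nat --policy PREROUTING ACCEPT
--sport 1024:65535 -d 66.100.100.111 --dport 23 \
-j DNAT --to-destination 10.100.15.5
EOF
}

# Assumed correction: append a rule, and name the interface and protocol.
fixed_stanza() {
cat <<'EOF'
/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp \
--sport 1024:65535 -d 66.100.100.111 --dport 23 \
-j DNAT --to-destination 10.100.15.5
EOF
}

page_stanza | lint_fw || echo "posted stanza: DNAT rule is never installed"
```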