From: "Guillaume"
Subject: nat table
Date: Sat, 7 Sep 2002 18:56:06 +0200
Message-ID: <000901c2568f$757ca410$0100a8c0@poste1>
To: netfilter@lists.netfilter.org

I have a Windows PC behind a Linux gateway with iptables. With it, the default policy for all is DROP, but the two "mangle" lines are ACCEPT.
Everything works well to go on the internet, send/receive email, etc.
But there is one thing which doesn't want to work, and I don't understand at all what is wrong. I have a small daemon which is listening on my network card eth0 on the LAN side at port 3000, and I can't connect to it from my Windows browser.
But when I put the policy for the nat table "POSTROUTING, OUTPUT" to ACCEPT, it works! I am able to connect to my daemon.
I don't understand, because I have, among others, the following rules:

iptables -t nat -A PREROUTING -i eth0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j ACCEPT
iptables -t nat -A OUTPUT -o eth0 -j ACCEPT

Why, when I put the default policy of the nat table to DROP, can't I connect, even with these rules?
What do I have to do about it?

Thanks.

Guillaume.