From: Vlad Janicek <vladjanicek@gmail.com>
To: netfilter@lists.netfilter.org
Subject: Re: whats wrong???
Date: Tue, 28 Jun 2005 13:32:45 -0400
Message-ID: <96bc76cf05062810322e6ffcbd@mail.gmail.com>
In-Reply-To: <42C17D6F.70709@adinet.com.uy>

Which IP address are you using? Could you paste the script you use and your
NIC configurations?

2005/6/28, Juan Manuel Tato <madness@adinet.com.uy>:
>
> Hi, I'm configuring a firewall, and I need some port forwarding
> to IP 192.168.100.1 from my public IP,
> but it isn't working.
> Here comes the output of the chains:
>
> fw-new:~# iptables -L -n
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
> ACCEPT all -- 192.168.100.1 0.0.0.0/0
> ACCEPT all -- 192.168.100.2 0.0.0.0/0
> ACCEPT all -- 192.168.100.3 0.0.0.0/0
> ACCEPT all -- 192.168.100.4 0.0.0.0/0
> ACCEPT all -- 192.168.100.5 0.0.0.0/0
> ACCEPT all -- 192.168.100.6 0.0.0.0/0
> ACCEPT all -- 192.168.100.7 0.0.0.0/0
> ACCEPT all -- 192.168.100.8 0.0.0.0/0
> ACCEPT all -- 192.168.100.9 0.0.0.0/0
>
> badflags tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29
> badflags tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
> badflags tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37
> badflags tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
> badflags tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
> badflags tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
> ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 0
> ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3
> ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11
> ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 1/sec burst 5
> firewall icmp -- 0.0.0.0/0 0.0.0.0/0
> ACCEPT tcp -- 192.168.100.0/24 0.0.0.0/0 tcp dpt:22
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:25
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:25
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:110
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:110
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:143
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
> ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
> silent udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:137 dpt:137
> dropwall all -- 0.0.0.0/0 0.0.0.0/0
>
> Chain FORWARD (policy ACCEPT)
> target prot opt source destination
> DROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW
> ACCEPT tcp -- 0.0.0.0/0 192.168.100.1 tcp dpt:80
> ACCEPT udp -- 0.0.0.0/0 192.168.100.1 udp dpt:80
> ACCEPT tcp -- 0.0.0.0/0 192.168.100.1 tcp dpt:25
> ACCEPT udp -- 0.0.0.0/0 192.168.100.1 udp dpt:25
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
>
> Chain badflags (6 references)
> target prot opt source destination
> LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 15/min burst 5 LOG flags 0 level 4 prefix `Badflags:'
> DROP all -- 0.0.0.0/0 0.0.0.0/0
>
> Chain dropwall (1 references)
> target prot opt source destination
> LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 15/min burst 5 LOG flags 0 level 4 prefix `Dropwall:'
> DROP all -- 0.0.0.0/0 0.0.0.0/0
>
> Chain firewall (1 references)
> target prot opt source destination
> LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 15/min burst 5 LOG flags 0 level 4 prefix `Firewall:'
> DROP all -- 0.0.0.0/0 0.0.0.0/0
>
> Chain silent (1 references)
> target prot opt source destination
> DROP all -- 0.0.0.0/0 0.0.0.0/0
>
>
--
Vlad
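
As an added example (not part of the original messages and not netfilter code), the sketch below applies first-match rule evaluation to the FORWARD chain quoted above and lists each ACCEPT rule that can never see a NEW connection because an earlier DROP already matches it. The function names are hypothetical, the listing is copied from the quoted output with the auto-link debris removed, and only the state match is modelled.

```python
import ipaddress
import re

# FORWARD chain as quoted in the message (link debris removed, wrapped lines rejoined).
LISTING = """\
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID,NEW
ACCEPT tcp -- 0.0.0.0/0 192.168.100.1 tcp dpt:80
ACCEPT udp -- 0.0.0.0/0 192.168.100.1 udp dpt:80
ACCEPT tcp -- 0.0.0.0/0 192.168.100.1 tcp dpt:25
ACCEPT udp -- 0.0.0.0/0 192.168.100.1 udp dpt:25
"""
STATE_RE = re.compile(r"\bstate (\S+)")

def parse_chain(listing):
    """Parse one chain of `iptables -L -n` output into rule dicts, in order."""
    rules = []
    for line in listing.splitlines():
        f = line.split()
        if len(f) < 5 or f[0] in ("Chain", "target"):
            continue  # chain header or column header
        extra = " ".join(f[5:])
        m = STATE_RE.search(extra)
        rules.append({
            "target": f[0], "prot": f[1], "text": line,
            "src": ipaddress.ip_network(f[3]), "dst": ipaddress.ip_network(f[4]),
            "states": set(m.group(1).split(",")) if m else None,
            "other": STATE_RE.sub("", extra).strip(),  # matches besides state
        })
    return rules

def matches_new(rule):
    return rule["states"] is None or "NEW" in rule["states"]

def covers(early, late):
    """True if `early` matches every NEW packet that `late` could match."""
    return (early["other"] == "" and matches_new(early)
            and early["prot"] in ("all", late["prot"])
            and late["src"].subnet_of(early["src"])
            and late["dst"].subnet_of(early["dst"]))

def shadowed_accepts(rules):
    """Pairs (earlier DROP/REJECT, later ACCEPT) where the ACCEPT never sees NEW packets."""
    hits = []
    for i, late in enumerate(rules):
        if late["target"] == "ACCEPT" and matches_new(late):
            for early in rules[:i]:
                if early["target"] in ("DROP", "REJECT") and covers(early, late):
                    hits.append((early["text"], late["text"]))
                    break
    return hits

if __name__ == "__main__":
    for drop, accept in shadowed_accepts(parse_chain(LISTING)):
        print(f"'{accept}' is shadowed for NEW packets by '{drop}'")
```

`iptables -L -n` lists only the filter table; DNAT rules live in the nat table (`iptables -t nat -L -n`), which the quoted output does not include.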
Thread overview: 5+ messages
2005-06-28 16:40 whats wrong??? Juan Manuel Tato
2005-06-28 17:32 ` Vlad Janicek [this message]
2005-06-28 18:04 ` Juan Manuel Tato
2005-06-29 1:09 ` Vlad Janicek
2005-06-30 10:43 ` Jan Engelhardt