Linux Netfilter discussions
 help / color / mirror / Atom feed
* IP range
@ 2003-09-25 13:02 Andy Samuel
  2003-09-25 13:52 ` Ray Leach
  0 siblings, 1 reply; 5+ messages in thread
From: Andy Samuel @ 2003-09-25 13:02 UTC (permalink / raw)
  To: netfilter

Dear All

I follow the example of ip range feature to block my
incoming connection starting from IP 192.168.0.76 to
254, but allowing 192.168.0.1 to 75 to pass.
So I use :
iptables -A FORWARD -m iprange --src-range
192.168.0.76-192.168.0.254 -p TCP -j DROP.

It shows error that iptables can not find
libipt_iprange.
I've check /lib/iptables and no any file about
iprange.
But I know my kernel already compiled with iprange
enabled and ipt_iprange is already loaded as module (
I can see it from lsmod ).

How do I get libipt_iprange.so ?
What is the connection of the file with the kernel
module of ipt_iprange.so ?

Thank you so much

__________________________________
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
http://shopping.yahoo.com


^ permalink raw reply	[flat|nested] 5+ messages in thread
* ip range
@ 2003-08-01 12:11 laurent
  0 siblings, 0 replies; 5+ messages in thread
From: laurent @ 2003-08-01 12:11 UTC (permalink / raw)
  To: netfilter

i set up a firewall with iptables
the firewall has three interface :
eth0 (192.168.1.1) connecting the lan with a server and three workstations 
(192.168.1.xxx)
eth1 (192.168.2.1) connecting the dmz with a webserver (192.168.2.xxx)
eth2 (192.168.4.1) connected to the internet via a cable router

the webserver (apache 2.0) on the dmz has three interface : eth0 (192.168.2.2), eth1 
(192.168.2.3) and eth2 (192.168.2.4) for SSL purpose that not support virtualhost 
directive
I use dyndns service with three dynamic hosts, one for each interface
My problem is that I don't know how to foward port 80 requests to all ip addresses.
I just succeeded to foward one by one but apache serves the same site for each 
dynamic host

I had read the DNAT howto but I not sure it's what I need to do ?
any idea please ?

Laurent



^ permalink raw reply	[flat|nested] 5+ messages in thread
* Ip range
@ 2003-04-16 15:22 Philippe Dhont   (Sea-ro)
  2003-04-16 17:11 ` Kim Jensen
  0 siblings, 1 reply; 5+ messages in thread
From: Philippe Dhont   (Sea-ro) @ 2003-04-16 15:22 UTC (permalink / raw)
  To: netfilter

Howdy,

I use an IP range 10.60.10.10 and 10.165.10.10 and 192.168.50.10
With subnet mask 255.255.0.0
But in my firewall script i have to us 10.60.0.0/8
And this shows up (off course) as 10.0.0.0 but if i use 10.60.0.0 i get an
error that this is not right.
How can i use the correct range so that i get 10.60.0.0 and 10.165.0.0 and
192.168.0.0 in my iptables ?

Thnx!

	--Tronstr@xsomic--


^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2003-09-25 13:52 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2003-09-25 13:02 IP range Andy Samuel
2003-09-25 13:52 ` Ray Leach
  -- strict thread matches above, loose matches on Subject: below --
2003-08-01 12:11 ip range laurent
2003-04-16 15:22 Ip range Philippe Dhont   (Sea-ro)
2003-04-16 17:11 ` Kim Jensen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox