From: Bart <b-m@pandora.be>
To: Net Filter <netfilter@lists.netfilter.org>
Subject: Re: Newbie question
Date: Tue, 10 Dec 2002 14:09:20 +0100 [thread overview]
Message-ID: <3DF5E780.8080802@myland.org> (raw)
In-Reply-To: AAEOLIGMOIBLFHGNBBEMCEIECBAA.glens@cybercorpinc.com
[-- Attachment #1: Type: text/plain, Size: 1439 bytes --]
Glen Spidal wrote:
> What IPTables commands do I need to issue in a script to allow port 25
> and 110 (email) to work. See attached PDF file.
Can't you set up the Windows 2000 Pro as a client, and use Linux as the
main router ?
Otherwise you need to do:
1) add destination(192.168.254.X)-gateway(192.168.0.47) route for each
client PC on the windows PC,
since the client IP's are dynamic, this is impractical.
OR
2) enable MASQUERADING on the linuxbox
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
In both cases enable ip_forwarding on the linuxbox.
echo "1" > /proc/sys/net/ipv4/ip_forward
This offcourse doesn't matter for http if you use a proxy, but anything
else
won't work without one of the two mentioned above.
Then you can add some rules like:
iptables -P forward drop
iptables -A forward -i eth0 -o eth1 -sport 25 -m state --state
ESTABLISHED -j ACCEPT
iptables -A forward -i eth1 -o eth0 -dport 25 -j ACCEPT
iptables -A forward -i eth0 -o eth1 -sport 110 -m state --state
ESTABLISHED -j ACCEPT
iptables -A forward -i eth1 -o eth0 -dport 110 -j ACCEPT
The ip of eth0 (192.168.254.250) is the same as the dhcp-server
(192.168.254.250) which
doesn't make sense (to me).
( eth0 = connected to windows, eth1 connect to switch )
HTH
greetz
B.Mermuys
>
> Glen Spidal
> Hillsboro Oregon USA
> PH: 503-681-9786 FX: 503-615-2936
> www.cybercorpinc.com <http://www.cybercorpinc.com/>
>
[-- Attachment #2: Type: text/html, Size: 2555 bytes --]
next prev parent reply other threads:[~2002-12-10 13:09 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-12-08 23:37 Newbie question Glen Spidal
2002-12-10 13:09 ` Bart [this message]
-- strict thread matches above, loose matches on Subject: below --
2009-07-30 18:03 newbie question Gergely Buday
2004-06-08 4:16 Newbie Question mafioso1823
2004-06-08 11:09 ` John A. Sullivan III
2004-04-08 11:57 newbie question M. Ahmad Ijaz
2004-04-08 12:02 ` Antony Stone
2004-04-08 12:32 ` M. Ahmad Ijaz
2004-04-08 12:41 ` Antony Stone
2004-04-08 12:43 ` ro0ot
2004-04-08 12:32 ` Jeffrey Laramie
2004-04-08 12:47 ` Antony Stone
2004-04-08 12:09 ` Frank Gruellich
2004-04-09 4:33 ` M. Ahmad Ijaz
2004-04-08 16:26 ` Alexis
[not found] <385FE68A-FB2E-11D7-B96A-000393B2CBCE@apple.com>
2003-10-10 14:43 ` Newbie question Arvanitis Kostas
2003-03-26 17:37 Newbie Question Carlos Cajina
2003-03-26 18:53 ` Joel Newkirk
2003-03-24 15:54 newbie question Scott Melnyk
2003-03-24 16:27 ` Joel Newkirk
2003-02-24 16:23 Newbie Question Jeffrey Corbit
2003-02-24 16:50 ` Aldo S. Lagana
2003-02-16 7:04 Newbie question Shankar; Hari
2003-02-16 7:57 ` Joel Newkirk
2003-02-16 22:50 ` Shankar; Hari
[not found] <20030120105301.22841.47459.Mailman@kashyyyk>
2003-01-20 15:58 ` newbie question regina
2003-01-20 19:02 ` Maciej Soltysiak
2002-11-03 18:51 CVS Respository failures Noah
2002-11-04 9:15 ` Newbie Question Louie
2002-10-22 2:47 William L. Childers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3DF5E780.8080802@myland.org \
--to=b-m@pandora.be \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox