Hi there The SNF doesn't use the port forwarding with the ipchains command, it use the ipvsadm command, that's why you don't see it in the ipchain's list. Use "man ipvsadm" to see how it works. Saludos. Hern�n Vidoni.
>Hi! > >I'm using SNF 7.2 with NAT and I want to use also Port-Forwarding for a >Web-Server and smtp. > >I put the rules in NAAT - Restricted Access - Internet Access > >The Rules are in the input-chain, but not in the output-Chain. Waht can I >do??? > > > > >[root@router /root]# ipchains -L >Chain input (policy DENY): >target prot opt source destination ports >ACCEPT icmp ------ anywhere anywhere fragmentation-needed >DENY all ----l- 224.0.0.0/4 anywhere n/a >DENY all ----l- anywhere 192.168.98.0/24 n/a >DENY all ----l- 192.168.98.0/24 anywhere n/a >DENY all ----l- anywhere 192.168.98.0/24 n/a >DENY all ----l- 192.168.98.0/24 anywhere n/a >ACCEPT all ------ anywhere anywhere n/a >ACCEPT all ------ anywhere anywhere n/a >ACCEPT tcp ------ anywhere router.avalon-net.net any -> > ssh >ACCEPT tcp ------ anywhere router.avalon-net.net any -> > 10000 >ACCEPT tcp ------ anywhere router.avalon-net.net any -> > ntp >ACCEPT tcp ------ anywhere router.avalon-net.net any -> > domain >ACCEPT tcp ------ anywhere router.avalon-net.net any -> > 8443 >ACCEPT udp ------ anywhere router.avalon-net.net any -> > ntp >ACCEPT udp ------ anywhere router.avalon-net.net any -> > domain >ACCEPT icmp ------ anywhere anywhere any -> >any >ACCEPT tcp ------ anywhere anywhere any -> >domain >ACCEPT tcp ------ anywhere anywhere any -> >mysql >ACCEPT tcp ------ anywhere anywhere any -> >www >ACCEPT tcp ------ anywhere anywhere any -> >6346 >ACCEPT tcp ------ anywhere anywhere any -> >ntp >ACCEPT tcp !y---- anywhere anywhere any -> >any >ACCEPT icmp ------ anywhere anywhere >destination-unreachable >ACCEPT icmp ------ anywhere anywhere echo-reply >ACCEPT icmp ------ anywhere anywhere time-exceeded >DENY icmp ----l- anywhere anywhere any -> >any >ACCEPT udp ------ anywhere anywhere any -> >domain >ACCEPT udp ------ anywhere anywhere any -> >ntp >DENY udp ----l- anywhere anywhere any -> >2049 >ACCEPT udp ------ 62.225.244.197 anywhere domain -> >1024:65535 >ACCEPT udp ------ 194.25.2.129 anywhere domain -> >1024:65535 >DENY all ----l- anywhere router.avalon-net.net n/a >DENY tcp ------ anywhere router.avalon-net.net any -> > any >DENY udp ------ anywhere router.avalon-net.net any -> > any >ACCEPT tcp ------ 192.168.98.0/24 anywhere any -> >any >ACCEPT tcp ------ 192.168.98.0/24 anywhere any -> >domain >ACCEPT udp ------ 192.168.98.0/24 anywhere any -> >any >ACCEPT udp ------ 192.168.98.0/24 anywhere any -> >domain >DENY all ----l- 192.168.98.0/24 anywhere n/a >DENY all ----l- anywhere anywhere n/a >Chain forward (policy DENY): >target prot opt source destination ports >DENY tcp ----l- anywhere anywhere >netbios-ns:netbios-ssn -> any >DENY udp ----l- anywhere anywhere >netbios-ns:netbios-ssn -> any >MASQ all ------ 192.168.98.0/24 anywhere n/a >DENY all ----l- anywhere anywhere n/a >Chain output (policy ACCEPT): >target prot opt source destination ports >ACCEPT icmp ------ anywhere anywhere fragmentation-needed >ACCEPT icmp ------ anywhere anywhere any -> >any >[root@router /root]# > > >-- >mfg > >Andre Hern�n Vidoni ICQ: 4765459 [EMAIL PROTECTED] [EMAIL PROTECTED] _________________________________________________________________ �nase al mayor servicio mundial de correo electr�nico: http://www.hotmail.com/es
