Hi Hernan, you're right. They are in the ipvsadm table. But it does not forward the incomming traffic to the web server.
What goes wrong? Hernan Vidoni schrieb: > Hi there > The SNF doesn't use the port forwarding with the ipchains command, it > use the ipvsadm command, that's why you don't see it in the ipchain's list. > Use "man ipvsadm" to see how it works. > Saludos. > Hern�n Vidoni. > >> Hi! >> >> I'm using SNF 7.2 with NAT and I want to use also Port-Forwarding for >> a Web-Server and smtp. >> >> I put the rules in NAAT - Restricted Access - Internet Access >> >> The Rules are in the input-chain, but not in the output-Chain. Waht >> can I do??? >> >> >> >> >> [root@router /root]# ipchains -L >> Chain input (policy DENY): >> target prot opt source destination ports >> ACCEPT icmp ------ anywhere anywhere >> fragmentation-needed >> DENY all ----l- 224.0.0.0/4 anywhere n/a >> DENY all ----l- anywhere 192.168.98.0/24 n/a >> DENY all ----l- 192.168.98.0/24 anywhere n/a >> DENY all ----l- anywhere 192.168.98.0/24 n/a >> DENY all ----l- 192.168.98.0/24 anywhere n/a >> ACCEPT all ------ anywhere anywhere n/a >> ACCEPT all ------ anywhere anywhere n/a >> ACCEPT tcp ------ anywhere router.avalon-net.net >> any -> ssh >> ACCEPT tcp ------ anywhere router.avalon-net.net >> any -> 10000 >> ACCEPT tcp ------ anywhere router.avalon-net.net >> any -> ntp >> ACCEPT tcp ------ anywhere router.avalon-net.net >> any -> domain >> ACCEPT tcp ------ anywhere router.avalon-net.net >> any -> 8443 >> ACCEPT udp ------ anywhere router.avalon-net.net >> any -> ntp >> ACCEPT udp ------ anywhere router.avalon-net.net >> any -> domain >> ACCEPT icmp ------ anywhere anywhere any >> -> any >> ACCEPT tcp ------ anywhere anywhere any >> -> domain >> ACCEPT tcp ------ anywhere anywhere any >> -> mysql >> ACCEPT tcp ------ anywhere anywhere any >> -> www >> ACCEPT tcp ------ anywhere anywhere any >> -> 6346 >> ACCEPT tcp ------ anywhere anywhere any >> -> ntp >> ACCEPT tcp !y---- anywhere anywhere any >> -> any >> ACCEPT icmp ------ anywhere anywhere >> destination-unreachable >> ACCEPT icmp ------ anywhere anywhere echo-reply >> ACCEPT icmp ------ anywhere anywhere time-exceeded >> DENY icmp ----l- anywhere anywhere any >> -> any >> ACCEPT udp ------ anywhere anywhere any >> -> domain >> ACCEPT udp ------ anywhere anywhere any >> -> ntp >> DENY udp ----l- anywhere anywhere any >> -> 2049 >> ACCEPT udp ------ 62.225.244.197 anywhere domain -> >> 1024:65535 >> ACCEPT udp ------ 194.25.2.129 anywhere domain -> >> 1024:65535 >> DENY all ----l- anywhere router.avalon-net.net n/a >> DENY tcp ------ anywhere router.avalon-net.net >> any -> any >> DENY udp ------ anywhere router.avalon-net.net >> any -> any >> ACCEPT tcp ------ 192.168.98.0/24 anywhere any >> -> any >> ACCEPT tcp ------ 192.168.98.0/24 anywhere any >> -> domain >> ACCEPT udp ------ 192.168.98.0/24 anywhere any >> -> any >> ACCEPT udp ------ 192.168.98.0/24 anywhere any >> -> domain >> DENY all ----l- 192.168.98.0/24 anywhere n/a >> DENY all ----l- anywhere anywhere n/a >> Chain forward (policy DENY): >> target prot opt source destination ports >> DENY tcp ----l- anywhere anywhere >> netbios-ns:netbios-ssn -> any >> DENY udp ----l- anywhere anywhere >> netbios-ns:netbios-ssn -> any >> MASQ all ------ 192.168.98.0/24 anywhere n/a >> DENY all ----l- anywhere anywhere n/a >> Chain output (policy ACCEPT): >> target prot opt source destination ports >> ACCEPT icmp ------ anywhere anywhere >> fragmentation-needed >> ACCEPT icmp ------ anywhere anywhere any >> -> any >> [root@router /root]# >> >> >> -- >> mfg >> >> Andre > > > > > > Hern�n Vidoni > ICQ: 4765459 > [EMAIL PROTECTED] > [EMAIL PROTECTED] > > > _________________________________________________________________ > �nase al mayor servicio mundial de correo electr�nico: > http://www.hotmail.com/es > > >
