[Leaf-user] Re: multi ip port forwarding (continued)

GREGOR Thu, 17 Jan 2002 22:36:19 -0800

hi everyone.....
charles, i need more help and advice, please. 

i've tried to follow your last advice and here's the result:


 ----from the outside ( i used my modem to do the test):
1. i could ping all ip# of eth0
2. but i couldn't access the web page
3. and altough i haven't try, i'm sure that smtp and pop3 didn't work 

 ----from the internal network :
1. i can ping ip# of eth1
2. but i can't ping ip# of eth0 nor eth2 (DMZ) 

 ----from the dachstein box
when i did *svi network ipfilter list portfw* the list was empty. and then i 
add the portfw manually using *ipmasqadm portfw..bla..bla..bla*, but still i 
couldn't access the web page from the outside. 

when i list the ipchains rules here's the result :
Chain input (policy DENY: 47083 packets, 11683689 bytes):
pkts bytes target     prot opt    tosa tosx  ifname     mark       outsize  
source                destination           ports
   0     0 DENY       icmp ----l- 0xFF 0x00  *                              
0.0.0.0/0            0.0.0.0/0             5 ->   *
   0     0 DENY       icmp ----l- 0xFF 0x00  *                              
0.0.0.0/0            0.0.0.0/0             13 ->   *
   0     0 DENY       icmp ----l- 0xFF 0x00  *                              
0.0.0.0/0            0.0.0.0/0             14 ->   *
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
0.0.0.0              0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
255.255.255.255      0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
127.0.0.0/8          0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
224.0.0.0/4          0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
10.0.0.0/8           0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
172.16.0.0/12        0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
192.168.0.0/16       0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
0.0.0.0/8            0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
128.0.0.0/16         0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
191.255.0.0/16       0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
192.0.0.0/24         0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
223.255.255.0/24     0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
240.0.0.0/4          0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
192.168.1.0/24       0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
192.168.15.0/24      0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
202.149.81.61        0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
202.149.81.48/28     0.0.0.0/0             n/a
   0     0 REJECT     all  ----l- 0xFF 0x00  eth0                           
0.0.0.0/0            127.0.0.0/8           n/a
   0     0 REJECT     all  ----l- 0xFF 0x00  eth0                           
0.0.0.0/0            192.168.1.0/24        n/a
   0     0 REJECT     tcp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   137
   0     0 REJECT     tcp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   135
   0     0 REJECT     udp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   137
   0     0 REJECT     udp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   135
   0     0 REJECT     tcp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   138:139
   0     0 REJECT     udp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   138
   0     0 REJECT     udp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             137:138 ->   *
   0     0 REJECT     udp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             135 ->   *
   0     0 REJECT     tcp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             137:139 ->   *
   0     0 REJECT     tcp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             135 ->   *
   0     0 ACCEPT     all  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            192.168.15.0/24       n/a
   0     0 ACCEPT     tcp  ------ 0xFF 0x00  eth0                           
202.149.81.55        0.0.0.0/0             * ->   25
   0     0 ACCEPT     tcp  ------ 0xFF 0x00  eth0                           
202.149.81.55        0.0.0.0/0             * ->   80
   0     0 ACCEPT     tcp  ------ 0xFF 0x00  eth0                           
202.149.81.55        0.0.0.0/0             * ->   110
   0     0 ACCEPT     tcp  ------ 0xFF 0x00  eth0                           
202.149.81.61        0.0.0.0/0             * ->   25
   0     0 ACCEPT     tcp  ------ 0xFF 0x00  eth0                           
202.149.81.61        0.0.0.0/0             * ->   80
   0     0 ACCEPT     tcp  ------ 0xFF 0x00  eth0                           
202.149.81.61        0.0.0.0/0             * ->   110
   0     0 REJECT     tcp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   113
   0     0 ACCEPT     tcp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   1024:65535
   0     0 REJECT     udp  ----l- 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   161:162
   0     0 DENY       udp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   67
   0     0 ACCEPT     udp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   1024:65535
   0     0 ACCEPT     icmp ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   *
   0     0 ACCEPT     ospf ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             n/a
   0     0 REJECT     udp  ----l- 0xFF 0x00  *                              
0.0.0.0/0            0.0.0.0/0             * ->   161:162
   0     0 REJECT     udp  ----l- 0xFF 0x00  *                              
0.0.0.0/0            0.0.0.0/0             161:162 ->   *
   0     0 ACCEPT     all  ------ 0xFF 0x00  *                              
0.0.0.0/0            0.0.0.0/0             n/a
Chain forward (policy DENY: 16653 packets, 7858664 bytes):
pkts bytes target     prot opt    tosa tosx  ifname     mark       outsize  
source                destination           ports
   0     0 DENY       icmp ----l- 0xFF 0x00  *                              
0.0.0.0/0            0.0.0.0/0             5 ->   *
   0     0 MASQ       all  ------ 0xFF 0x00  eth2                           
192.168.1.0/24       192.168.15.0/24       n/a
   0     0 REJECT     tcp  ------ 0xFF 0x00  eth2                           
0.0.0.0/0            192.168.15.0/24       * ->   6000:6004
   0     0 REJECT     tcp  ------ 0xFF 0x00  eth2                           
0.0.0.0/0            192.168.15.0/24       * ->   7100
   0     0 ACCEPT     tcp  ------ 0xFF 0x00  eth2                           
0.0.0.0/0            192.168.15.0/24       * ->   80
   0     0 ACCEPT     tcp  ------ 0xFF 0x00  eth2                           
0.0.0.0/0            192.168.15.0/24       * ->   25
   0     0 ACCEPT     icmp ------ 0xFF 0x00  eth2                           
0.0.0.0/0            192.168.15.0/24       * ->   *
   0     0 ACCEPT     tcp  ------ 0xFF 0x00  eth2                           
0.0.0.0/0            192.168.15.0/24       * ->   110
   0     0 ACCEPT     tcp  !y---- 0xFF 0x00  eth2                           
0.0.0.0/0            192.168.15.0/24       * ->   1024:65535
   0     0 ACCEPT     icmp ------ 0xFF 0x00  eth2                           
0.0.0.0/0            192.168.15.0/24       * ->   *
   0     0 ACCEPT     tcp  ------ 0xFF 0x00  eth0                           
192.168.15.0/24      0.0.0.0/0             * ->   *
   0     0 ACCEPT     icmp ------ 0xFF 0x00  eth0                           
192.168.15.0/24      0.0.0.0/0             * ->   *
   0     0 ACCEPT     udp  ------ 0xFF 0x00  eth0                           
192.168.15.0/24      0.0.0.0/0             53 ->   *
   0     0 MASQ       udp  ------ 0xFF 0x00  eth0                           
192.168.15.0/24      0.0.0.0/0             * ->   *
   0     0 MASQ       all  ------ 0xFF 0x00  eth0                           
192.168.1.0/24       0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth2                           
0.0.0.0/0            192.168.15.0/24       n/a
   0     0 DENY       all  ------ 0xFF 0x00  *                              
0.0.0.0/0            0.0.0.0/0             n/a
Chain output (policy DENY: 43774 packets, 11170209 bytes):
pkts bytes target     prot opt    tosa tosx  ifname     mark       outsize  
source                destination           ports
   0     0 fairq      all  ------ 0xFF 0x00  *                              
0.0.0.0/0            0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
0.0.0.0              0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
255.255.255.255      0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
127.0.0.0/8          0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
224.0.0.0/4          0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
10.0.0.0/8           0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
172.16.0.0/12        0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
192.168.0.0/16       0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
0.0.0.0/8            0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
128.0.0.0/16         0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
191.255.0.0/16       0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
192.0.0.0/24         0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
223.255.255.0/24     0.0.0.0/0             n/a
   0     0 DENY       all  ----l- 0xFF 0x00  eth0                           
240.0.0.0/4          0.0.0.0/0             n/a
   0     0 DENY       all  ------ 0xFF 0x00  eth0                           
192.168.1.0/24       0.0.0.0/0             n/a
   0     0 REJECT     tcp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   137
   0     0 REJECT     tcp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   135
   0     0 REJECT     udp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   137
   0     0 REJECT     udp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   135
   0     0 REJECT     tcp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   138:139
   0     0 REJECT     udp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             * ->   138
   0     0 REJECT     udp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             137:138 ->   *
   0     0 REJECT     udp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             135 ->   *
   0     0 REJECT     tcp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             137:139 ->   *
   0     0 REJECT     tcp  ------ 0xFF 0x00  eth0                           
0.0.0.0/0            0.0.0.0/0             135 ->   *
   0     0 ACCEPT     all  ------ 0xFF 0x00  *                              
0.0.0.0/0            0.0.0.0/0             n/a
Chain fairq (1 references):
pkts bytes target     prot opt    tosa tosx  ifname     mark       outsize  
source                destination           ports
   0     0 RETURN     ospf ------ 0xFF 0x00  *          0x1                  
0.0.0.0/0            0.0.0.0/0             n/a
   0     0 RETURN     ospf ------ 0xFF 0x00  *          0x1                  
0.0.0.0/0            0.0.0.0/0             n/a
   0     0 RETURN     udp  ------ 0xFF 0x00  *          0x1                  
0.0.0.0/0            0.0.0.0/0             * ->   520
   0     0 RETURN     udp  ------ 0xFF 0x00  *          0x1                  
0.0.0.0/0            0.0.0.0/0             520 ->   *
   0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x1                  
0.0.0.0/0            0.0.0.0/0             * ->   179
   0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x1                  
0.0.0.0/0            0.0.0.0/0             179 ->   *
   0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x1                  
0.0.0.0/0            0.0.0.0/0             * ->   53
   0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x1                  
0.0.0.0/0            0.0.0.0/0             53 ->   *
   0     0 RETURN     udp  ------ 0xFF 0x00  *          0x1                  
0.0.0.0/0            0.0.0.0/0             * ->   53
   0     0 RETURN     udp  ------ 0xFF 0x00  *          0x1                  
0.0.0.0/0            0.0.0.0/0             53 ->   *
   0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x2                  
0.0.0.0/0            0.0.0.0/0             * ->   23
   0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x2                  
0.0.0.0/0            0.0.0.0/0             23 ->   *
   0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x2                  
0.0.0.0/0            0.0.0.0/0             * ->   22
   0     0 RETURN     tcp  ------ 0xFF 0x00  *          0x2                  
0.0.0.0/0            0.0.0.0/0             22 ->   *
AutoFW:
Type Prot Low  High Vis  Hid  Where    Last     CPto CPrt Timer Flags
MarkFW:
fwmark   rediraddr               rport  pcnt  pref
PortFW:
prot localaddr            rediraddr               lport    rport  pcnt  pref 

 

regards,
Gregor 


+Gregor Gede W.
+CENTER FOR INFORMATION SYSTEM
+ATMA JAYA YOGYAKARTA UNIVERSITY
[EMAIL PROTECTED]
+62 81 2271 0583
+62 81 7467 518 

WATCHOUT! 3RD INTERNATIONAL SEMINAR ON SUSTAINABLE ENVIRONTMENTAL 
ARCHITECTURE + DIGITAL ARCHITECTURE, 9-10 MARCH 2002, YOGYAKARTA
http://senvar.virtue.nu or http://senvar.uajy.web.id

_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user

[Leaf-user] Re: multi ip port forwarding (continued)

Reply via email to