Ola pessoal,
tenho 2 servidores CL 8.0 nas filiais da empresa Ambos com o mesmo script
( rc.local ), sendo que nun deles eu nao consigo startar o SQUID. Pra que eu
consiga rotar o Squid nesse 2o. servidor, tenho que retirar a linha
iptables -P INPUT DROP. Alguem saberia me dizer o que ha de errado?
Outra coisa � que eu nao consigo fazer o meu PPTP rodar. Eu tenho uma
maquina NT no endereco 192.168.0.1 que qdo conecto com o cliente de pptp
recebo uma msg falando que esta autenticando o usuario mas nao consigo
passar disso. Pesso mais uma vez ajuda.
[]'s
#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.
. /etc/profile.d/lang.sh
if [ -f /etc/conectiva-release ] ; then
R=$(cat /etc/conectiva-release)
# This will overwrite /etc/issue at every boot. So, make any changes
you
# want to make to /etc/issue here or you will lose them when you reboot.
echo "$R" > /etc/issue.net
echo "Kernel $(uname -r)" >> /etc/issue.net
echo >> /etc/issue.net
if [ -x /usr/bin/linux_logo ] ; then
clear > /etc/issue
linux_logo -classic >> /etc/issue
echo "$R (\l)" >> /etc/issue
echo >> /etc/issue
else
cat /etc/issue.net > /etc/issue
fi
fi
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -F
iptables -A INPUT -p TCP -m state --state ESTABLISHED,RELATED -j ACCEPT
modprobe ipt_LOG
modprobe ipt_REJECT
modprobe ipt_MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth1 -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 110 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 3128 -j ACCEPT
iptables -A INPUT -i eth0 -p udp --dport 53 -j ACCEPT
iptables -A INPUT -i eth0 -p tcp --dport 1723 -j ACCEPT
iptables -A INPUT -p udp --source-port 53 -j ACCEPT
iptables -A INPUT -p tcp --dport 3128 -j ACCEPT
iptables -A INPUT -p tcp --source-port 3128 -j ACCEPT
iptables -t filter -A FORWARD -j ACCEPT -m state --state NEW -p tcp --dport
80
iptables -t filter -A FORWARD -j ACCEPT -m state --state NEW -p tcp --dport
25
iptables -t filter -A FORWARD -j ACCEPT -m state --state NEW -p tcp --dport
110
iptables -t filter -A FORWARD -j ACCEPT -m state --state NEW -p tcp --dport
3389
iptables -t filter -A FORWARD -j ACCEPT -m state --state NEW -p tcp --dport
137
iptables -t filter -A FORWARD -j ACCEPT -m state --state NEW -p tcp --dport
50
iptables -t filter -A FORWARD -j ACCEPT -m state --state NEW -p tcp --dport
51
iptables -t filter -A FORWARD -j ACCEPT -m state --state NEW -p tcp --dport
1723
iptables -t nat -A PREROUTING -j DNAT --to-dest 192.168.0.1 -i eth0 -p
tcp --dport 80
iptables -t nat -A PREROUTING -j DNAT --to-dest 192.168.0.1 -i eth0 -p
tcp --dport 25
iptables -t nat -A PREROUTING -j DNAT --to-dest 192.168.0.1 -i eth0 -p
tcp --dport 110
iptables -t nat -A PREROUTING -j DNAT --to-dest 192.168.0.1 -i eth0 -p
tcp --dport 3389
iptables -t nat -A PREROUTING -j DNAT --to-dest 192.168.0.1 -i eth0 -p
tcp --dport 137
iptables -t nat -A PREROUTING -j DNAT --to-dest 192.168.0.1 -i eth0 -p
tcp --dport 50
iptables -t nat -A PREROUTING -j DNAT --to-dest 192.168.0.1 -i eth0 -p
tcp --dport 51
iptables -t nat -A PREROUTING -j DNAT --to-dest 192.168.0.1 -i eth0 -p
tcp --dport 1723
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.361 / Virus Database: 199 - Release Date: 8/5/2002
Assinantes em 14/05/2002: 2243
Mensagens recebidas desde 07/01/1999: 166699
Historico e [des]cadastramento: http://linux-br.conectiva.com.br
Assuntos administrativos e problemas com a lista:
mailto:[EMAIL PROTECTED]
