Hello,
Sorry for the long mail.
I am trying to put IPtables on a machine connected to a cable modem.
It uses Debian 2.2 potato with a 2.4.14 kernel.
Here is my script:
#---------BEGIN----------------------------
#!/bin/sh
modprobe iptable_nat
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.50.0/24 -j MASQUERADE
iptables -A FORWARD -s 192.168.50.0/24 -j ACCEPT
iptables -A INPUT -i eth1 -p udp --sport bootpc --dport bootps -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --sport bootpc --dport bootps -j ACCEPT
iptables -A INPUT -i eth1 -p udp --sport bootps --dport bootpc -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --sport bootps --dport bootpc -j ACCEPT
# Allow dns requests
iptables -A INPUT -i eth1 -p udp --dport domain -j ACCEPT
iptables -A INPUT -i eth1 -p tcp --dport domain -j ACCEPT
# Transparent proxy
iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128
#--------------END ------------------
eth0 is my external interface; eth1 is my internal interface.
I am running squid also. My clients are able to browse, but when I try to
ftp to a site from a client machine I get the following:
-------------------- FTP SERVER OUTPUT --------------
maria@debian:~$ ftp arbornet.org
Connected to arbornet.org.
220-Welcome to M-Net's FTP Server
220 ProFTPD 1.2.0 Server (M-Net Ftpd) [m-net.arbornet.org]
Name (arbornet.org:maria): chathan
331 Password required for chathan.
Password:
230 User chathan logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
500 Illegal PORT command.
ftp: bind: Address already in use
ftp>
------------------------------------------------------
However, the same works perfectly on my gateway.
Somebody please help.
I would like to build a firewall. I am unable to properly understand
IPtables. Will somebody show how a firewall can be constructed step
by step?
Su
_______________________________________________
linux-india-help mailing list
https://lists.sourceforge.net/lists/listinfo/linux-india-help