/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */ [root@Cyrwyn /root]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.1.1 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 63.252.247.45 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 255.255.255.255 0.0.0.0 255.255.255.255 UH 0 0 0 eth0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 63.252.247.45 0.0.0.0 UG 0 0 0 ppp0 [root@Cyrwyn /root]# ipchains -L -v Chain input (policy ACCEPT: 0 packets, 0 bytes): pkts bytes target prot opt tosa tosx ifname mark outsize source destination ports 22 1676 ACCEPT all ------ 0xFF 0x00 lo anywhere anywhere n/a 583 698K ACCEPT tcp !y---- 0xFF 0x00 any anywhere GNB2A010-0554.splitrock.net any -> any 0 0 DENY all ------ 0xFF 0x00 ppp0 10.0.0.0/8 GNB2A010-0554.splitrock.net n/a 0 0 DENY all ------ 0xFF 0x00 ppp0 127.0.0.0/8 GNB2A010-0554.splitrock.net n/a 0 0 DENY all ------ 0xFF 0x00 ppp0 172.16.0.0/12 GNB2A010-0554.splitrock.net n/a 0 0 DENY all ------ 0xFF 0x00 ppp0 192.168.0.0/16 GNB2A010-0554.splitrock.net n/a 0 0 DENY tcp ----l- 0xFF 0x00 any anywhere GNB2A010-0554.splitrock.net any -> 31337 0 0 DENY udp ----l- 0xFF 0x00 any anywhere GNB2A010-0554.splitrock.net any -> 31337 0 0 DENY tcp ----l- 0xFF 0x00 any anywhere GNB2A010-0554.splitrock.net any -> 12345:12346 0 0 DENY udp ----l- 0xFF 0x00 any anywhere GNB2A010-0554.splitrock.net any -> 12345:12346 0 0 DENY tcp ----l- 0xFF 0x00 any anywhere GNB2A010-0554.splitrock.net any -> ingreslock 0 0 DENY tcp ----l- 0xFF 0x00 any anywhere GNB2A010-0554.splitrock.net any -> 27665 0 0 DENY udp ----l- 0xFF 0x00 any anywhere GNB2A010-0554.splitrock.net any -> 27444 0 0 DENY udp ----l- 0xFF 0x00 any anywhere GNB2A010-0554.splitrock.net any -> 31335 0 0 DENY all ------ 0xFF 0x00 any BASE-ADDRESS.MCAST.NET/8 anywhere n/a 0 0 DENY all ------ 0xFF 0x00 any anywhere BASE-ADDRESS.MCAST.NET/8 n/a 0 0 DENY udp ------ 0xFF 0x00 ppp0 anywhere anywhere any -> bootps:bootpc 0 0 REJECT tcp ------ 0xFF 0x00 any anywhere GNB2A010-0554.splitrock.net any -> auth 0 0 REJECT udp ------ 0xFF 0x00 any anywhere GNB2A010-0554.splitrock.net any -> 113 0 0 DENY tcp ------ 0xFF 0x00 ppp0 anywhere anywhere any -> netbios-ns:netbios-ssn 0 0 DENY udp ------ 0xFF 0x00 ppp0 anywhere anywhere any -> netbios-ns:netbios-ssn 0 0 REJECT udp ------ 0xFF 0x00 ppp0 anywhere anywhere any -> route 0 0 DENY tcp ----l- 0xFF 0x00 ppp0 anywhere anywhere any -> 2049 0 0 DENY udp ----l- 0xFF 0x00 ppp0 anywhere anywhere any -> 2049 0 0 DENY tcp ------ 0xFF 0x00 ppp0 anywhere anywhere any -> 5999:6003 0 0 DENY udp ------ 0xFF 0x00 ppp0 anywhere anywhere any -> 5999:6003 0 0 ACCEPT udp ------ 0xFF 0x00 eth0 anywhere anywhere bootps -> any 178 10413 - tcp ------ 0x01 0x10 any anywhere anywhere any -> www 0 0 - tcp ------ 0x01 0x10 any anywhere anywhere any -> ssh 0 0 - tcp ------ 0x01 0x10 any anywhere anywhere any -> telnet 0 0 - tcp ------ 0x01 0x10 any anywhere anywhere any -> ftp 215 9117 - tcp ------ 0x01 0x10 any anywhere anywhere any -> pop3 14 3162 - tcp ------ 0x01 0x10 any anywhere anywhere any -> smtp 0 0 - tcp ------ 0x01 0x08 any anywhere anywhere any -> ftp-data 0 0 ACCEPT icmp ------ 0xFF 0x00 any 192.168.1.0/24 anywhere any -> any 0 0 ACCEPT icmp ------ 0xFF 0x00 any GNB2A010-0554.splitrock.net anywhere any -> any 418 23376 ACCEPT all ------ 0xFF 0x00 any anywhere anywhere n/a [root@Cyrwyn /root]# ipchains --list Chain input (policy ACCEPT): target prot opt source destination ports ACCEPT all ------ anywhere anywhere n/a ACCEPT tcp !y---- anywhere GNB2A010-0554.splitrock.net any -> any DENY all ------ 10.0.0.0/8 GNB2A010-0554.splitrock.net n/a DENY all ------ 127.0.0.0/8 GNB2A010-0554.splitrock.net n/a DENY all ------ 172.16.0.0/12 GNB2A010-0554.splitrock.net n/a DENY all ------ 192.168.0.0/16 GNB2A010-0554.splitrock.net n/a DENY tcp ----l- anywhere GNB2A010-0554.splitrock.net any -> 31337 DENY udp ----l- anywhere GNB2A010-0554.splitrock.net any -> 31337 DENY tcp ----l- anywhere GNB2A010-0554.splitrock.net any -> 12345:12346 DENY udp ----l- anywhere GNB2A010-0554.splitrock.net any -> 12345:12346 DENY tcp ----l- anywhere GNB2A010-0554.splitrock.net any -> ingreslock DENY tcp ----l- anywhere GNB2A010-0554.splitrock.net any -> 27665 DENY udp ----l- anywhere GNB2A010-0554.splitrock.net any -> 27444 DENY udp ----l- anywhere GNB2A010-0554.splitrock.net any -> 31335 DENY all ------ BASE-ADDRESS.MCAST.NET/8 anywhere n/a DENY all ------ anywhere BASE-ADDRESS.MCAST.NET/8 n/a DENY udp ------ anywhere anywhere any -> bootps:bootpc REJECT tcp ------ anywhere GNB2A010-0554.splitrock.net any -> auth REJECT udp ------ anywhere GNB2A010-0554.splitrock.net any -> 113 DENY tcp ------ anywhere anywhere any -> netbios-ns:netbios-ssn DENY udp ------ anywhere anywhere any -> netbios-ns:netbios-ssn REJECT udp ------ anywhere anywhere any -> route DENY tcp ----l- anywhere anywhere any -> 2049 DENY udp ----l- anywhere anywhere any -> 2049 DENY tcp ------ anywhere anywhere any -> 5999:6003 MASQ all ------ 192.168.1.0/24 anywhere n/a Chain output (policy ACCEPT): target prot opt source destination ports ACCEPT all ------ anywhere anywhere n/a ACCEPT all ------ 192.168.1.0/24 anywhere n/a - tcp ------ anywhere anywhere any -> www - tcp ------ anywhere anywhere any -> ssh - tcp ------ anywhere anywhere any -> telnet - tcp ------ anywhere anywhere any -> ftp - tcp ------ anywhere anywhere any -> pop3 - tcp ------ anywhere anywhere any -> smtp - tcp ------ anywhere anywhere any -> ftp-data ACCEPT icmp ------ 192.168.1.0/24 anywhere any -> any ACCEPT icmp ------ GNB2A010-0554.splitrock.net anywhere any -> any ACCEPT all ------ anywhere anywhere n/a -- [EMAIL PROTECTED] <Stuart Norman> Censorship is the ultimate obscenity. _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
