On Wed, 3 Apr 2002 09:59:02 -0700 [EMAIL PROTECTED] (Derrik Pates) wrote: > On Wed, Apr 03, 2002 at 10:35:14AM -0500, Mailing List wrote: > > Well, that's what I was thinking... I'm running Slackware 8 and it > > comes with kernel 2.4.5, when I got kernel 2.4.18 I compiled all > > the netfilter stuff as modules and all the modules are loaded. > > So I've already done the necessary recompiling. > > > As you can see, all the modules are compiled and loaded, but > > FTP and DCC (IRC) transfers are not working. By the way, the only > > thing I DIDN'T compile as a module was iptables itself, which I compiled > > into the kernel. The rest of the netfilter stuff is modules. > > What does your ruleset currently look like? > > -- > Derrik Pates | Sysadmin, Douglas School | #linuxOS on EFnet > [EMAIL PROTECTED] | District (dsdk12.net) | #linuxOS on OPN >
Here are my current rules as saved by iptables-save: *** begin output from iptables-save *** # Generated by iptables-save v1.2.2 on Wed Apr 3 13:22:22 2002 *mangle :PREROUTING ACCEPT [5213523:3176386134] :INPUT ACCEPT [873136:403876932] :FORWARD ACCEPT [4340380:2772508519] :OUTPUT ACCEPT [657239:320628308] :POSTROUTING ACCEPT [4997616:3093136496] -A PREROUTING -p tcp -m tcp --sport 20 -j TOS --set-tos 0x08 -A PREROUTING -p tcp -m tcp --sport 22 -j TOS --set-tos 0x10 -A PREROUTING -p tcp -m tcp --sport 23 -j TOS --set-tos 0x10 -A OUTPUT -o eth0 -p tcp -m tcp --dport 20 -j TOS --set-tos 0x08 -A OUTPUT -o eth0 -p tcp -m tcp --dport 22 -j TOS --set-tos 0x08 -A OUTPUT -o eth0 -p tcp -m tcp --dport 80 -j TOS --set-tos 0x08 -A OUTPUT -o eth0 -p tcp -m tcp --dport 119 -j TOS --set-tos 0x08 -A OUTPUT -o eth0 -p tcp -m tcp --dport 21 -j TOS --set-tos 0x10 -A OUTPUT -o eth0 -p tcp -m tcp --dport 22 -j TOS --set-tos 0x10 -A OUTPUT -o eth0 -p tcp -m tcp --dport 23 -j TOS --set-tos 0x10 -A OUTPUT -o eth0 -p tcp -m tcp --dport 25 -j TOS --set-tos 0x10 -A OUTPUT -o eth0 -p tcp -m tcp --dport 53 -j TOS --set-tos 0x10 -A OUTPUT -o eth0 -p udp -m udp --dport 53 -j TOS --set-tos 0x10 -A OUTPUT -o eth0 -p tcp -m tcp --dport 119 -j TOS --set-tos 0x10 -A OUTPUT -o eth0 -p tcp -m tcp --dport 110 -j TOS --set-tos 0x10 -A OUTPUT -o eth0 -p tcp -m tcp --dport 143 -j TOS --set-tos 0x10 -A OUTPUT -o eth0 -p tcp -m tcp --dport 6667 -j TOS --set-tos 0x10 COMMIT # Completed on Wed Apr 3 13:22:22 2002 # Generated by iptables-save v1.2.2 on Wed Apr 3 13:22:22 2002 *filter :INPUT ACCEPT [266578:23862871] :FORWARD ACCEPT [517976:134785307] :OUTPUT ACCEPT [175405:21098470] -A INPUT -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT COMMIT # Completed on Wed Apr 3 13:22:22 2002 # Generated by iptables-save v1.2.2 on Wed Apr 3 13:22:22 2002 *nat :PREROUTING ACCEPT [90559:7418569] :POSTROUTING ACCEPT [68552:2814333] :OUTPUT ACCEPT [2870:187553] -A POSTROUTING -s 192.168.1.0/255.255.255.0 -j MASQUERADE COMMIT # Completed on Wed Apr 3 13:22:22 2002 *** end output from iptables-save **** Anyway, that's my current ruleset. Thank you very much for your help. I really do appreciate it. Sincerely, GRE
