On Fri, 2003-09-12 at 13:32, gaston wrote:
> 
> 
> -----Original Message-----
> This is feeling like a firewall issue to me so let's look more closely at
> that.
> 
> Not knowing your firewall script (I have lazily allowed shorewall to
> abstract my thinking to its way of doing things) why don't we take a look
> at the rules as they are actually in iptables.
> 
> Why don't you post the output of iptables-save -c and let's take a look
> at what iptables is really doing?
> 
> Bret
> 
> --------------------------------------------------------------------------
> These are the scripts I'm using for iptables, I really appreciate your
> help, my job depends on this.
> 
> 
> #!/bin/bash
> 
> iptables -F
> iptables -t nat -F
> iptables -t mangle -F
> 
> 
> iptables -A INPUT -i lo -p all -j ACCEPT                      
> iptables -A OUTPUT -o lo -p all -j ACCEPT
> 
> iptables -A INPUT -i eth0 -p ICMP -j ACCEPT
> 
> iptables -A INPUT -p ALL -i eth0
> 
> iptables -A FORWARD -i eth0 -p ALL -j ACCEPT
> 
> iptables -A OUTPUT -o eth0 -p all -j ACCEPT
> 
> iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
> 
> 
> iptables -A INPUT -i eth0 -p TCP --dport 22 -m state --state NEW -j ACCEPT
> iptables -A INPUT -i eth0 -p TCP --dport 80 -m state --state NEW -j ACCEPT
> iptables -A INPUT -i eth0 -p UDP --dport 53 -m state --state NEW -j ACCEPT
> iptables -A INPUT -i eth0 -p TCP --dport 3306 -m state --state NEW -j ACCEPT
> 
> iptables -P INPUT DROP 
> iptables -P FORWARD DROP
> iptables -P OUTPUT ACCEPT                                    
> 
> 
> Then I run another script which enables forwarding for the clients
> 
> iptables -A INPUT -s $IP -i eth1 -m mac --mac $MAC 
> iptables -A FORWARD -s $IP -i eth1 -m mac --mac $MAC 
> 
To what are the variables $IP and $MAC set?

Again,

iptables-save -c > gastonrules.out

and mail me the file gastonrules.out and let's see what is actually
making it to iptables.

Bret
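
One way to read the `iptables-save -c` output requested above (an added example, not part of the original thread): a rule with no `-j` target, like the quoted `iptables -A INPUT -p ALL -i eth0`, only counts packets and lets them fall through to later rules or the chain policy. The function names, addresses and counter values below are constructed for illustration.

```shell
#!/bin/sh
# audit_rules: read `iptables-save -c` output on stdin and report every rule
# that has no -j/-g target, with its packet counter and the chain policy
# that unmatched packets end up at.
audit_rules() {
    awk '
    /^\*/ { table = substr($0, 2); next }                  # table header: *filter
    /^:/  { policy[table "/" substr($1, 2)] = $2; next }   # chain line: :INPUT DROP [12:840]
    /^\[/ {
        # $1 = [pkts:bytes], $2 = -A, $3 = chain, $4.. = matches and target
        split(substr($1, 2, length($1) - 2), c, ":")
        has_target = 0
        rule = ""
        for (i = 4; i <= NF; i++) {
            if ($i == "-j" || $i == "-g") has_target = 1
            rule = rule " " $i
        }
        if (!has_target) {
            key = table "/" $3
            printf "NO-TARGET %s pkts=%s policy=%s:%s\n", key, c[1], policy[key], rule
        }
    }'
}

# Constructed sample in iptables-save -c format (not the poster's real output).
sample_rules() {
cat <<'EOF'
*filter
:INPUT DROP [12:840]
:FORWARD DROP [57:3420]
:OUTPUT ACCEPT [100:8000]
[5:300] -A INPUT -i lo -j ACCEPT
[40:2400] -A INPUT -i eth0
[9:540] -A INPUT -i eth0 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
[57:3420] -A FORWARD -s 192.168.1.10 -i eth1 -m mac --mac-source 00:11:22:33:44:55
COMMIT
EOF
}

# On a live system: iptables-save -c | audit_rules
sample_rules | audit_rules
```

A non-zero `pkts` value on a NO-TARGET line in a chain whose policy is DROP means traffic is matching the rule but no rule is accepting it.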


