Ce legatura are chain-ul forward cu ceea ce se intimpla la tine? Trebuie sa te uiti in input sau output nu in forward!
Dan Uscatu wrote: >/sbin/ipchains -A forward -j MASQ -s 192.168.0.0/255.255.255.0 > >evident nu are nici o legatura cu regula asta, pentru ca telnetul >respectiv se face direct de pe C pe A fara a se trece prin routerul B. >iar pe porturile sub 1024 merge. weird huh.. > >o poza destul de inghesuita: http://194.176.189.29/reteatimpita.gif > >"Live to Win, Dare to Fail" - James Hetfield > > > > >>Poti sa faci o poza? (eu sunt mai incet asa) >>Poti sa ne dai si regula de masq (exact cum e scrisa) >>On Fri, 11 Jul 2003, Dan Uscatu wrote: >> >> >> >>>pe firewalluri am tras apa (-F) si in hosts.* nu scrie nimic. >>> >>> >porturile > > >>>sub 1024 merg accesate si din afara masinii cu pricina >>> >>>"Live to Win, Dare to Fail" - James Hetfield >>> >>> >>>----- Original Message ----- >>>From: "Alin Nastac" <[EMAIL PROTECTED]> >>>To: <[EMAIL PROTECTED]> >>>Sent: Friday, July 11, 2003 12:10 PM >>>Subject: [rlug] Re: eth0:0 >>> >>> >>> >>> >>>>Problema ta ar fi firewall-ul serverului sau clientului (dar zici >>>> >>>> >ca > > >>>>le-ai oprit) sau serverul are suport de tcpwrap si nu ai regula >>>> >>>> >>>aferenta >>> >>> >>>>in /etc/hosts.allow. >>>> >>>>Dan Uscatu wrote: >>>> >>>> >>>> >>>>>okay atunci sa detaliem >>>>> >>>>>masina A: >>>>> >>>>>eth0 1.2.3.4 >>>>>eth0:0 192.168.0.100 >>>>> >>>>>rute: >>>>>Destination Gateway Genmask Interface >>>>>1.2.3.0 0.0.0.0 255.255.255.0 eth0 >>>>>192.168.0.0 0.0.0.0 255.255.255.0 eth0 >>>>>127.0.0.0 0.0.0.0 255.0.0.0 lo >>>>>0.0.0.0 1.2.3.1 0.0.0.0 eth0 >>>>> >>>>>aici ruleaza un apache care asculta pe 0.0.0.0:80 si >>>>> >>>>> >0.0.0.0:15000 > > >>>>>masina B (routerul): >>>>> >>>>>eth0: 1.2.3.1 >>>>>eth1: 192.168.0.1 >>>>> >>>>>rute: >>>>> >>>>>Destination Gateway Genmask Interface >>>>>1.2.3.0 0.0.0.0 255.255.255.0 eth0 >>>>>192.168.0.0 0.0.0.0 255.255.255.0 eth1 >>>>>127.0.0.0 0.0.0.0 255.0.0.0 lo >>>>>0.0.0.0 nuconteaza 0.0.0.0 eth0 >>>>> >>>>>masina C: >>>>> >>>>>eth0: 192.168.0.2 >>>>> >>>>>rute: >>>>> >>>>>192.168.0.0 0.0.0.0 255.255.255.0 eth0 >>>>>0.0.0.0 192.168.0.1 0.0.0.0 eth0 >>>>> >>>>>toate trei sint infipte in acelasi switch. se dezactiveaza toate >>>>>regulile de firewall mai putin cea de masq pentru 192.168.0.0 pe >>>>> >>>>> >>>router >>> >>> >>>>>(B) >>>>> >>>>>de pe masina A: telnet 192.168.0.100 80 sau 192.168.0.100 15000 >>>>> >>>>> >merge > > >>>ok >>> >>> >>>>>de pe masina C: telnet 192.168.0. 80 merge ok >>>>> telnet 192.168.0.100 15000 connection >>>>> >>>>> >failed > > >>>>>(instant) >>>>>idem de pe masina B. >>>>> >>>>>am observat ca chestia asta se intimpla pentru toate porturile >>>>> >>>>> >mai > > >>>mari >>> >>> >>>>>de 1024 >>>>> >>>>>ceva sugestii ? >>>>> >>>>>"Live to Win, Dare to Fail" - James Hetfield >>>>> >>>>> >>>>> >>>>> >>>> >>>> >>>> >>> >>> >>> >>-- >>------------------------- >>Dan Nae >>Romanian Education Network >>Bucharest NOC >> >> >> >> > > > >
