nu imi functioneaza cu regulile astea :( faza e ca eu am facut DNAT SI SNAT am pus squid cu delay pool . sa fie oare de aia ?
adik am urmatoarea regula totul ce vine de pe 192.168.0.0/255.255.255.0 pe port 80 sa faca DNAT prin proxy am o varza in iptables :)) Multam Vlad ----- Original Message ----- From: "Tarhon-Onu Victor" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, August 26, 2003 11:04 AM Subject: [rlug] Re: iptables > On Tue, 26 Aug 2003, Vlad Radu wrote: > > > in cazul in care vreau sa filtrez cu iptables http si https e de ajuns sa > > fac asa : > > > > iptables -A INPUT -p tcp --dport 80 -s 192.168.0.0/255.255.255.0 -j ACCEPT > > si iptables -A INPUT -p tcp --dport 80 -j DROP > > Nu, pentru ca ziceai si httpd. > > iptables -A INPUT -p tcp -m multiport --dport 80,443 -s 192.168.0.0/255.255.255.0 -j ACCEPT > iptables -A INPUT -p tcp -m multiport --dport 80,443 -j DROP > > > si daca fac asa va mai fi accesibil web-ul din afara ? > > iptables -I INPUT -i ethAFARA -p tcp -m multiport --dport 80,443 > -j ACCEPT && echo sanatate > > ...unde ethAFARA e evident, interfata ethernet (sau daca e cazul > atunci alta, pppX, etc) spre reteaua providerului. > > -- > Any views or opinions presented within this e-mail are solely those of > the author and do not necessarily represent those of any company, unless > otherwise expressly stated. > > --- > Detalii despre listele noastre de mail: http://www.lug.ro/ > > --- Detalii despre listele noastre de mail: http://www.lug.ro/
