infact i dont have any problem with redirection or masquerading instead i have problem with redirection and samba.
Regards Azeem
From: "Radio Gong 2000 GmbH & Co. KG [Technik]" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Re: [Samba] please help me.
Date: Mon, 31 May 2004 23:48:12 +0200
Wow, you are using your samba-server as internet-gateway and firewall??? Uffhh...
Ok, I don't have this configuration, but in my firewall-script I have
FIRST: transparent redirecting and SECOND: masquarading
The DROP-Rule you should put in last.
I configured my firewall with the excellent tool fwbuilder, try it and throw
away your probs...
http://www.fwbuilder.org/
Regards
Sascha
Am Montag, 31. Mai 2004 23:21 schrieb azeem ahmad:
> >From: Sascha Bieler <[EMAIL PROTECTED]>
> >To: [EMAIL PROTECTED]
> >Subject: Re: [Samba] please help me.
> >Date: Mon, 31 May 2004 23:02:33 +0200
> >
> >I just wonder why port 445 is missing there...
> >
> >Greetings
> >
> >Sascha
>
> here is the new script but the same problem is with this script too that if
> i enable transparent redirection it starts taking about 4 minutes and if i
> remove the rule for port 80 transparent redirection then it starts working
> here is the script
> ---------------------------------------------------------------------------
>------------------------------------------------------- echo 1 >
> /proc/sys/net/ipv4/ip_forward
>
> iptables -F
> iptables -t nat -F
>
> modprobe ip_nat_ftp
>
> iptables -P INPUT DROP
> iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
>
> iptables -A INPUT -i eth0 -p tcp --dport 8080 -j ACCEPT
> iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT
> iptables -A INPUT -i eth0 -p tcp --dport 53 -j ACCEPT
> iptables -A INPUT -i eth0 -p udp --dport 53 -j ACCEPT
> iptables -A INPUT -i eth0 -p udp --dport 137 -j ACCEPT
> iptables -A INPUT -i eth0 -p tcp --dport 137 -j ACCEPT
> iptables -A INPUT -i eth0 -p udp --dport 138 -j ACCEPT
> iptables -A INPUT -i eth0 -p tcp --dport 138 -j ACCEPT
> iptables -A INPUT -i eth0 -p udp --dport 139 -j ACCEPT
> iptables -A INPUT -i eth0 -p tcp --dport 139 -j ACCEPT
> iptables -A INPUT -i eth0 -p tcp --dport 445 -j ACCEPT
> iptables -A INPUT -i eth0 -p udp --dport 445 -j ACCEPT
> #iptables -A INPUT -j LOG
>
> #iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
> #iptables -t nat -A PREROUTING -p udp --dport 80 -j REDIRECT --to-port 8080
>
> iptables -P FORWARD DROP
> iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
>
> iptables -A FORWARD -i eth0 -p tcp --dport 21 -j ACCEPT
> iptables -A FORWARD -i eth0 -p tcp --dport 443 -j ACCEPT
> iptables -A FORWARD -i eth0 -p tcp --dport 5000 -j ACCEPT
> iptables -A FORWARD -i eth0 -p tcp --dport 5001 -j ACCEPT
> iptables -A FORWARD -i eth0 -p tcp --dport 5005 -j ACCEPT
> iptables -A FORWARD -i eth0 -p tcp --dport 5050 -j ACCEPT
> iptables -A FORWARD -i eth0 -p tcp --dport 6660:6670 -j ACCEPT
> iptables -A FORWARD -i eth0 -p tcp --dport 7000 -j ACCEPT
> iptables -A FORWARD -i eth0 -p tcp --dport 28805 -j ACCEPT
> iptables -A FORWARD -i eth0 -p tcp --dport 51215 -j ACCEPT
>
> iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
> ---------------------------------------------------------------------------
>-------------------------------------------------------
>
> Regards
> Azeem
>
> _________________________________________________________________
> STOP MORE SPAM with the new MSN 8 and get 2 months FREE*
> http://join.msn.com/?page=features/junkmail
-- _______________________________________________ Radio Gong 2000 GmbH & Co. KG Sascha Bieler Technischer Leiter Franz-Joseph-Strasse 14 80801 München -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
