kalo saya pake script ini, saya tidak bisa konek ke https ataupun port2 lain. Harusnya kan forward. kira2 apanya yang salah?

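# Firewall/NAT rules for a Linux router: LAN clients are masqueraded out of
# three uplinks, web traffic is redirected to a local Squid proxy, and only
# the listed destination ports are forwarded.
#
# INTERNET1..3, LAN_IN and SQUID_PORT are not assigned in this section; they
# are assumed to be set earlier in the file. Stop before any policy is changed
# if one is missing, so a half-applied rule set cannot leave INPUT on DROP
# with almost no ACCEPT rules behind it.
: "${INTERNET1:?INTERNET1 is not set}"
: "${INTERNET2:?INTERNET2 is not set}"
: "${INTERNET3:?INTERNET3 is not set}"
: "${LAN_IN:?LAN_IN is not set}"
: "${SQUID_PORT:?SQUID_PORT is not set}"

# Destination ports (tcp and udp) that LAN clients may reach through the router.
# NOTE(review): 53 is not listed, so LAN clients that query a resolver beyond
# this host get no DNS through FORWARD; confirm they resolve via this host.
PORT_FORWARD='123 443 25 110 995 143 22 21 20 194 5050 6667 3142'
# internet port in, local network always allow
# (only referenced by the disabled INPUT loop further down)
PORT_IN='123 443 10000 25 110 995 143 22 21 20 5050 6667 3142'

# Setting default filter policy
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

# Unlimited access to loop back
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT

# Accept replies to connections this host opened itself (DNS lookups, Squid
# fetches, ...). This is a stateful match, not a blanket UDP/DNS/FTP allow.
iptables -A INPUT -i "$INTERNET1" -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i "$INTERNET2" -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i "$INTERNET3" -m state --state ESTABLISHED,RELATED -j ACCEPT

# set this system as a router for Rest of LAN
# NOTE(review): routing also needs net.ipv4.ip_forward=1; it is not set in
# this section, so verify it is enabled elsewhere.
iptables -t nat -A POSTROUTING -o "$INTERNET1" -j MASQUERADE
iptables -t nat -A POSTROUTING -o "$INTERNET2" -j MASQUERADE
iptables -t nat -A POSTROUTING -o "$INTERNET3" -j MASQUERADE

iptables -A INPUT -i "$LAN_IN" -j ACCEPT

# FORWARD RULES
# Reply packets of connections that were already allowed out. With the FORWARD
# policy on DROP, the per-port rules below admit only the LAN -> uplink
# direction; without this rule the answers arriving on the uplinks are dropped,
# so only the ports redirected to the local Squid appear to work.
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

# $PORT_FORWARD is left unquoted on purpose: it is a space-separated list.
for PORT in $PORT_FORWARD; do
  iptables -A FORWARD -i "$LAN_IN" -p tcp --dport "$PORT" -j ACCEPT
  iptables -A FORWARD -i "$LAN_IN" -p udp --dport "$PORT" -j ACCEPT
done

# IN RULES FOR LOCAL (disabled)
# NOTE(review): keep this disabled. It matches on the remote *source* port,
# which the sender chooses; replies are already covered by the
# ESTABLISHED,RELATED rules above.
#for PORT in $PORT_IN; do
#  iptables -A INPUT -i $INTERNET -p tcp --sport $PORT -j ACCEPT
#done
# Allow forward to modem from dserver only, drop others

# Allow all output through internet interface
# (redundant while the OUTPUT policy is ACCEPT; kept so the rules still hold
# if the policy is tightened later)
iptables -A OUTPUT -o "$INTERNET1" -j ACCEPT
iptables -A OUTPUT -o "$INTERNET2" -j ACCEPT
iptables -A OUTPUT -o "$INTERNET3" -j ACCEPT

# Allow ping from all interfaces
# NOTE(review): these accept every ICMP type, not only ping; add
# --icmp-type echo-request on the uplinks if only ping is intended.
iptables -A INPUT -i "$LAN_IN" -p ICMP -j ACCEPT
iptables -A INPUT -i "$INTERNET1" -p ICMP -j ACCEPT
iptables -A INPUT -i "$INTERNET2" -p ICMP -j ACCEPT
iptables -A INPUT -i "$INTERNET3" -p ICMP -j ACCEPT

# Transparent proxy: LAN web traffic on 80/8080 is handed to the local Squid,
# which is why these ports never traverse the FORWARD chain.
iptables -t nat -A PREROUTING -i "$LAN_IN" -p tcp --dport 80 -j REDIRECT --to-port "$SQUID_PORT"
iptables -t nat -A PREROUTING -i "$LAN_IN" -p tcp --dport 8080 -j REDIRECT --to-port "$SQUID_PORT"

iptables -A OUTPUT -o "$LAN_IN" -j ACCEPT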
