Check the ipv4 forward line in /etc/sysctl.conf ... it needs to be changed from 0 -> 1

then run "sysctl -p"


Tommy

--On Tuesday, December 03, 2002 07:05:49 PM -0500 Pablo Allietti <[EMAIL PROTECTED]> wrote:

Hi, I have a problem with iptables in RH8.

I still have a firewall function in RH7, but at the time of upgrading to 8,
the machines behind the firewall don't have access to the Internet.

My private network doesn't have access to the outside. This is my old iptables,
please help me!


-A FORWARD -j ACCEPT -i eth0 -o eth0 -d 0/0
# -A FORWARD -i eth0 -m state --state NEW,INVALID -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 --syn -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 --syn -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 --syn -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 --syn -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 --syn -j ACCEPT
-A INPUT -p tcp -m tcp --dport 143 --syn -j ACCEPT
-A INPUT -p tcp -m tcp --dport 953 --syn -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 --syn -j ACCEPT
-A INPUT -p udp --sport 137 --dport 137 -j DROP

and

/sbin/iptables --table nat --delete-chain
/sbin/iptables --table nat --append POSTROUTING --out-interface eth0:0 -j MASQUERADE
/sbin/iptables --append FORWARD --in-interface eth0 -j ACCEPT



--
Psyche-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/psyche-list


--
Tommy McNeely         --        [EMAIL PROTECTED]
Sun Microsystems - IT Ops - Broomfield Campus Support
Phone:  x50888 / 303-464-4888  --  Fax:  720-566-3168
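
The check described in the reply, written as a script. This is an added example, not part of the original thread; the function names effective_ip_forward and check_forwarding are hypothetical, and the sample file contents are constructed.

```shell
#!/bin/sh
# effective_ip_forward FILE
# Prints the value a sysctl.conf-style FILE would apply to
# net.ipv4.ip_forward, or "unset" if the key never appears.
# Lines are applied in order, so the last assignment wins.
effective_ip_forward() {
    awk '
        /^[ \t]*[#;]/ { next }                 # skip comment lines
        {
            eq = index($0, "=")
            if (eq == 0) next
            key = substr($0, 1, eq - 1)
            val = substr($0, eq + 1)
            gsub(/[ \t]/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            gsub(/\//, ".", key)               # net/ipv4/ip_forward form
            if (key == "net.ipv4.ip_forward") { seen = 1; found = val }
        }
        END { if (seen) print found; else print "unset" }
    ' "$1"
}

# check_forwarding CONF [RUNTIME]
# Compares the configured value with the running kernel value and
# returns 0 only when both are 1. RUNTIME defaults to the real
# /proc/sys/net/ipv4/ip_forward; a second argument allows offline tests.
check_forwarding() {
    conf_val=$(effective_ip_forward "$1")
    run_file=${2:-/proc/sys/net/ipv4/ip_forward}
    run_val=$(cat "$run_file" 2>/dev/null || echo unknown)
    echo "configured=$conf_val running=$run_val"
    if [ "$conf_val" = 1 ] && [ "$run_val" = 1 ]; then
        return 0
    fi
    if [ "$conf_val" = 1 ]; then
        echo "file is set but not loaded: run sysctl -p"
    else
        echo "set net.ipv4.ip_forward = 1 in $1, then run sysctl -p"
    fi
    return 1
}

# Constructed sample: a file still at 0, the state the reply describes.
sample=$(mktemp)
printf '# Controls IP packet forwarding\nnet.ipv4.ip_forward = 0\n' > "$sample"
echo "sample file applies: $(effective_ip_forward "$sample")"
rm -f "$sample"
```

On a gateway, run check_forwarding /etc/sysctl.conf; a non-zero exit means forwarding is off in the file, in the running kernel, or both.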


