Re: iptables and masquerading: how to allow vpnc from lan

2005-05-18 Thread Adam Hardy
On 18/05/05 15:23 H. S. wrote: Hi, I am running an old computer as a router using Debian Sarge and kernel 2.6.10 kernel and iptables 1.2.11-10. Here is my setup: CompR ,---. (INTERNET) -->ppp0--->eth1eth0 >SWITCH--->192.168.0.0/24

iptables and masquerading: how to allow vpnc from lan

2005-05-18 Thread H. S.
Hi, I am running an old computer as a router using Debian Sarge and kernel 2.6.10 kernel and iptables 1.2.11-10. Here is my setup: CompR ,---. (INTERNET) -->ppp0--->eth1eth0 >SWITCH--->192.168.0.0/24 `---'

Re: iptables and masquerading

2001-03-21 Thread will trillich
On Wed, Mar 21, 2001 at 12:29:21AM -0500, Gregg C wrote: > >From: Brian May <[EMAIL PROTECTED]> > > John> but you should be aware that there are a number of issues > > John> with IIRC > > > >Such as? > > I'm sure the lists are archived and accessible via the web. information overload. not

Re: iptables and masquerading

2001-03-20 Thread Gregg C
From: Brian May <[EMAIL PROTECTED]> To: debian-user@lists.debian.org Subject: Re: iptables and masquerading Date: 21 Mar 2001 09:01:31 +1100 >>>>> "John" == John Davidson <[EMAIL PROTECTED]> writes: John> You probably should as this question on th

Re: iptables and masquerading

2001-03-20 Thread John Davidson
You need to modprobe ip_nat_irc if you are going to run a chat server. Also you need to ensure ident is running and being passed by your firewall rules. oident is reccomended, but I don't know if it is available for Debian? Further, I beleive that only one client is supported behind the firewall

Re: iptables and masquerading

2001-03-20 Thread Brian May
> "Brian" == Brian May <[EMAIL PROTECTED]> writes: Brian> (as for asking a question on another mailing list, proper Brian> etiquette demands that I join the other mailing list first, Brian> but bandwidth is becoming saturated on my 28.8kbps link, Brian> and I am already swamped

Re: iptables and masquerading

2001-03-20 Thread Brian May
> "John" == John Davidson <[EMAIL PROTECTED]> writes: John> You probably should as this question on the netfilter John> (iptables) mailing list John> http://us4.samba.org/mailman/listinfo/netfilter John> The main iptables page is at John> http://netfilter.kernelnotes.org

Re: iptables and masquerading

2001-03-20 Thread John Davidson
aware that there are a number of issues with IIRC John Davidson - Original Message - From: "Brian May" <[EMAIL PROTECTED]> To: Sent: Tuesday, March 20, 2001 12:57 AM Subject: iptables and masquerading > Hello, > > with ipchains it was easy to list what connecti

iptables and masquerading

2001-03-19 Thread Brian May
Hello, with ipchains it was easy to list what connections where being masqueraded (IIRC ipchains -L -M). However, I have not been able to do the same thing with iptables. I see that the connection exists, by using tcpdump, eg: 16:46:57.476303 203.45.74.87.41007 > 192.168.87.130.1809: . ack 1460

Curious behavior of iptables and masquerading

2000-12-02 Thread Mark Phillips
I noticed that if I run: iptables -t nat -P POSTROUTING DROP iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j ACCEPT then masquerading works, but if I run the last two commands in the opposite order (so that they appear in the opposite order