With "-t XXX" you select the TABLE to modify/view
To display the forward-chain you can just do
iptables -t filter -nvL FORWARD
("-t filter" is default and can be left out)
For example, to make uml reach the outside world and protect uml
against connections from outside you would do
iptables -I FORWARD 1 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -I FORWARD 2 -i <TAP-INTERFACE> -s 192.168.0.0/24 -j ACCEPT
There is a good tutorial to iptables at frozentux.net:
http://iptables-tutorial.frozentux.net/iptables-tutorial.html
To at least see, if the umls do any ns-lookups at all you can use
tcpdump on the host:
tcpdump -n -i tapX udp port 53
as root. Be sure to specify the right tap-interface.
Greets,
Chris
Am 26.06.2006 um 17:31 schrieb paul john:
> thank you guys all.
>
> 2006/6/26, Christian Bockermann <[EMAIL PROTECTED]>: What's /etc/
> resolv.conf look like in your UML? You have to specify a
> name server here.
> Does your FORWARD-chain allow udp 53 from 192.168.0.0/24 to the
>
> is this forward-chain of host ? i don't know how to ? iptables
> -t FORWARD.... ,please give a practical command.
>
> nameservers you have in /etc/resolv.conf?
>
> yes the resolv.conf has the same nameserver . in host ,ping domain
> name ok, in uml ,it can't .
>
> Greets,
> Chris
>
> Am 26.06.2006 um 15:52 schrieb paul john:
>
> > in host , i use "iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -
> > j MASQUERADE" to enable umls accessing the world . but can't
> > resolve domain name , if you just give a ip , in umls can ping out
> > the world .but if give a domain name , can't , i don't know what's
> > problem .
> > please .
> >
> >
> > --
> > skype id (flourishing21633)
> > [EMAIL PROTECTED]
> > Using Tomcat but need to do more? Need to support web services,
> > security?
> > Get stuff done quickly with pre-integrated technology to make your
> > job easier
> > Download IBM WebSphere Application Server v.1.0.1 based on Apache
> > Geronimo
> > http://sel.as-us.falkag.net/sel?
> > cmd=lnk&kid=120709&bid=263057&dat=121642
> > _______________________________________________
> > User-mode-linux-user mailing list
> > User-mode-linux-user@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user
>
>
>
>
> --
> skype id (flourishing21633)
> [EMAIL PROTECTED]
> Using Tomcat but need to do more? Need to support web services,
> security?
> Get stuff done quickly with pre-integrated technology to make your
> job easier
> Download IBM WebSphere Application Server v.1.0.1 based on Apache
> Geronimo
> http://sel.as-us.falkag.net/sel?
> cmd=lnk&kid=120709&bid=263057&dat=121642
> _______________________________________________
> User-mode-linux-user mailing list
> User-mode-linux-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
User-mode-linux-user mailing list
User-mode-linux-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-user
