iptables

gbell72 gbell72-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org
Sat Nov 8 21:39:32 UTC 2003


It does seem so. I've since changed my rules again slightly to look like
so. When I was using firestarter I only needed 2 rules to make this work; my
present rules look like so:

iptables -A FORWARD -i eth1 -o eth0 -p tcp --dport 8888 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

iptables -t nat -I PREROUTING -i eth1 -p tcp --dport 8888 -j DNAT --to-dest 192.168.0.66:8888

which still allows anyone on the LAN access, but not outside.  I'm new at
customizing my own rules so things are still kinda cryptic to me.

On Sat, 8 Nov 2003, Kevin Cozens wrote:

> At 03:03 PM 11/08/2003 -0500, you wrote:
> > > I suppose it is possible. Which interface connects to your router and which
> > > is used for the Internal LAN?
> > >
> > > eth1 connects to the cable modem eth0 connects to hub
>
> I haven't had to deal with relaying traffic between interfaces (yet). The
> thought that occurs to me is that you would need to have rules to allow
> eth1 to accept the incoming traffic from the remote user. A forwarding rule
> to reroute the external traffic to your internal LAN on eth0, and finally,
> a rule on eth0 to allow traffic coming from interface eth1 which contains
> an origin address of the external user. It looks like you have the first
> two parts. You may just be missing the last step.
>
>
> Cheers!
>
> Kevin.  (http://www.interlog.com/~kcozens/)
>
> Owner of Elecraft K2 #2172        |"What are we going to do today, Borg?"
> E-mail:kcozens at interlog dot com|"Same thing we always do, Pinkutus:
> Packet:ve3syb at ve3yra.#con.on.ca.na|  Try to assimilate the world!"
> #include <disclaimer/favourite>   |              -Pinkutus & the Borg
>
> --
> The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
>
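
The port forward discussed in this thread, written out as one rule set: an added example, not part of the original messages. It keeps the thread's interfaces, port and LAN host; pinning the FORWARD rule to the DNAT target and the return-path rule are this example's assumptions about what a FORWARD chain with a DROP policy needs. The script validates its input and only prints the commands.

```sh
#!/bin/sh
# Added example. Thread's layout: eth1 = cable modem (external), eth0 = LAN hub.

# Port must be a decimal integer in 1..65535 with no leading zero.
valid_port() {
    case "$1" in ''|0*|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# Address must be a dotted quad with every octet in 0..255.
# The body is a subshell, so the IFS change cannot leak to the caller.
valid_ipv4() (
    case "$1" in *[!0-9.]*|*..*|.*|*.) exit 1 ;; esac
    IFS=.
    set -- $1
    [ "$#" -eq 4 ] || exit 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || exit 1
    done
)

# Interface names: no leading dash, only characters safe to print unquoted.
valid_if() {
    case "$1" in ''|-*|*[!A-Za-z0-9._-]*) return 1 ;; esac
}

# forward_rules EXT_IF INT_IF PORT DEST_IP
# Prints the rule set; nothing is applied. Returns 2 on invalid input.
forward_rules() {
    ext=$1 int=$2 port=$3 dest=$4
    valid_if "$ext" && valid_if "$int" || { echo "bad interface" >&2; return 2; }
    valid_port "$port" || { echo "bad port: $port" >&2; return 2; }
    valid_ipv4 "$dest" || { echo "bad address: $dest" >&2; return 2; }
    # 1. Rewrite the destination of connections arriving on the external side.
    echo "iptables -t nat -A PREROUTING -i $ext -p tcp --dport $port -j DNAT --to-destination $dest:$port"
    # 2. Forward the rewritten connection, but only to the one internal host.
    echo "iptables -A FORWARD -i $ext -o $int -p tcp -d $dest --dport $port -m state --state NEW,ESTABLISHED -j ACCEPT"
    # 3. Let that host's replies back out (assumes the FORWARD policy is DROP).
    echo "iptables -A FORWARD -i $int -o $ext -p tcp -s $dest --sport $port -m state --state ESTABLISHED -j ACCEPT"
}

# Values taken from the thread.
forward_rules eth1 eth0 8888 192.168.0.66
```

Compare the printed rules with the output of `iptables -S FORWARD` and `iptables -t nat -S PREROUTING` before applying anything.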