Hi guys:

Could someone please help me out troubleshooting my iptables rules?
Believe me, I'd love to know much more of iptables to do it myself. :(

Apart from the current rules, I want to allow any internal machine to open any tcp ports or service in the internet.

Our internal interface is eth1
Our public interface is eth0

By the way, who knows what these numbers in [] brackets are for?

All I have is the following basics:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Generated by iptables-save v1.2.5 on Wed Jul 31 13:56:40 2002
*mangle
:PREROUTING ACCEPT [25730:10309361]
:INPUT ACCEPT [319427:167805465]
:FORWARD ACCEPT [51299:15977485]
:OUTPUT ACCEPT [28110:10309728]
:POSTROUTING ACCEPT [383968:180518409]
COMMIT
# Completed on Wed Jul 31 13:56:40 2002
# Generated by iptables-save v1.2.5 on Wed Jul 31 13:56:40 2002
*nat
:PREROUTING ACCEPT [791:51072]
:POSTROUTING ACCEPT [278:16981]
:OUTPUT ACCEPT [245:15293]
[1:60] -A PREROUTING -i eth0 -p tcp -m tcp --dport 110 -j DNAT --to-destination x.x.x.x
[0:0] -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination x.x.x.x
COMMIT
# Completed on Wed Jul 31 13:56:40 2002
# Generated by iptables-save v1.2.5 on Wed Jul 31 13:56:40 2002
*filter
:INPUT DROP [455:36384]
:FORWARD ACCEPT [93:4714]
:OUTPUT ACCEPT [22539:7732428]
[102:7920] -A INPUT -i lo -j ACCEPT
[22800:10072493] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
[0:0] -A INPUT -i eth0 -p tcp -m tcp --dport 110 -m state --state NEW -j ACCEPT
[0:0] -A INPUT -i eth0 -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT
[279:24256] -A INPUT -i eth1 -m state --state NEW -j ACCEPT
COMMIT
# Completed on Wed Jul 31 13:56:40 2002
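An added example, not part of the original post: a small Python parser for iptables-save output like the dump above. It reads the bracketed values as [packets:bytes] counters and checks two things the stated goal (eth1 hosts reaching the internet through eth0) depends on. The `audit` function, its finding names, and the assumption that the internal network needs source NAT are hypothetical.

```python
import re

# Constructed sample: trimmed from the dump in the post (mangle table omitted).
SAMPLE = """\
*nat
:PREROUTING ACCEPT [791:51072]
:POSTROUTING ACCEPT [278:16981]
[1:60] -A PREROUTING -i eth0 -p tcp -m tcp --dport 110 -j DNAT --to-destination x.x.x.x
COMMIT
*filter
:INPUT DROP [455:36384]
:FORWARD ACCEPT [93:4714]
[102:7920] -A INPUT -i lo -j ACCEPT
[279:24256] -A INPUT -i eth1 -m state --state NEW -j ACCEPT
COMMIT
"""

POLICY = re.compile(r"^:(\S+) (\S+) \[(\d+):(\d+)\]$")      # :CHAIN POLICY [packets:bytes]
RULE = re.compile(r"^(?:\[(\d+):(\d+)\] )?-A (\S+) (.*)$")  # [packets:bytes] -A CHAIN spec

def parse(text):
    """Map table -> {"policies": {chain: (policy, pkts, bytes)}, "rules": [(chain, spec, pkts, bytes)]}."""
    tables, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("*"):
            cur = tables.setdefault(line[1:], {"policies": {}, "rules": []})
        elif cur is not None and (m := POLICY.match(line)):
            cur["policies"][m[1]] = (m[2], int(m[3]), int(m[4]))
        elif cur is not None and (m := RULE.match(line)):
            cur["rules"].append((m[3], m[4], int(m[1] or 0), int(m[2] or 0)))
    return tables

def audit(tables, wan="eth0"):
    """Findings for the stated goal: LAN hosts reaching the internet through `wan` (hypothetical check)."""
    empty = {"policies": {}, "rules": []}
    nat, flt = tables.get("nat", empty), tables.get("filter", empty)
    findings = []
    # Assumption: the LAN uses private addresses, so outbound traffic needs source NAT.
    if not any(c == "POSTROUTING" and f"-o {wan} " in s + " " and re.search(r"-j (MASQUERADE|SNAT)\b", s)
               for c, s, _, _ in nat["rules"]):
        findings.append("no-source-nat")
    # FORWARD policy ACCEPT with no FORWARD rules leaves every routed packet unfiltered, in both directions.
    if flt["policies"].get("FORWARD", ("",))[0] == "ACCEPT" and not any(r[0] == "FORWARD" for r in flt["rules"]):
        findings.append("forward-unfiltered")
    return findings

if __name__ == "__main__":
    print(audit(parse(SAMPLE)))
```

The dump does not show whether kernel forwarding (`net.ipv4.ip_forward`) is enabled, so that has to be checked separately on the host.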