Chiarezza su funzionamento iptables..

To: debian-italian@lists.debian.org
Subject: Chiarezza su funzionamento iptables..
From: Menegatti Simone <simone@menegatti.eu>
Date: Sat, 10 Feb 2007 20:01:34 +0100
Message-id: <[🔎] 45CE168E.60006@menegatti.eu>

ciao utilizzo iptables sul mio debian che mi fa da firewall per un altropc...


Il pc debian a ip 192.168.0.2, l'altro 10.10.1.1...
La mia questione è la seguente:

Io mi sono fatto un piccolo file dove ci sono elencale le regole daseguire ma devo ancora concluderlo... volevi quindi creare un file diregole dove "tutto a tutti e concesso" ed ho impostato

cosi:

#!/bin/bash
##################################################################################################

###### FLUSHING CHAIN##################################################

##################################################################################################
###### Flush, svuota le catene predefinite
iptables -F
iptables -t nat -F
iptables -t mangle -F
###### CANCELLO LE CATENE
iptables -X
###### Azzera i contatori sulle catene
iptables -Z
##################################################################################################

##### END FLUSHING CHAIN##################################################

##################################################################################################
##### MODULI VARI DA CHIARIRE #####
modprobe ip_tables
modprobe ip_conntrack
modprobe iptable_filter
modprobe iptable_nat
modprobe ipt_MASQUERADE
modprobe iptable_nat
modprobe ip_nat_ftp
##### FINE MODULI
##### SETTING IPFORWARDING - Abilita il forwarding x il NAT #####
echo 1 > /proc/sys/net/ipv4/ip_forward
##### END SETTING IPFORWARDING #####
##################################################################################################

##### DEFAULT CHAIN##################################################


# Imposto le policy per i pacchetti in ingresso bloccando il traffico
iptables -P INPUT ACCEPT

# Imposto le policy per i pacchetti in transito tra le due interfaccebloccando il traffico

iptables -P FORWARD ACCEPT
# Imposto la policy per i pacchetti in uscita bloccando il traffico
iptables -P OUTPUT ACCEPT
# Imposto la policy per postrouting e prerouting bloccanto il traffico
##iptables -t nat -P POSTROUTING DROP
##iptables -t nat -P PREROUTING DROP

##### END DEFAULT CHAIN##################################################

Pensavo che mettendo ad accept le tre catena tutto fosse concesso, inrealta se attivo le regole dal pc 10.10.1.1 non vado da nessuna parte...


che sbaglio?

ciao

Reply to:

Follow-Ups:
- Re: Chiarezza su funzionamento iptables..
  - From: Michele Orsenigo <gira06@4orsi.it>

Prev by Date: Re: aggiornare distro..
Next by Date: Re: installazione debian su vecchi PC
Previous by thread: Re: [OT] Script per masterizzare cd-audio
Next by thread: Re: Chiarezza su funzionamento iptables..
Index(es):
- Date
- Thread