Re: Не ходит FTP траффик.

To: debian-russian@lists.debian.org
Subject: Re: Не ходит FTP траффик.
From: veresk <evgeny_veresk@mail.ru>
Date: Fri, 19 Dec 2008 14:28:30 +0300
Message-id: <[🔎] 494B855E.2030905@mail.ru>
In-reply-to: <[🔎] 200812191419.59494.bart@solarnet.ru>
References: <[🔎] 494B781B.6090404@mail.ru> <[🔎] 200812191358.02189.bart@solarnet.ru> <[🔎] 494B801D.4030102@mail.ru> <[🔎] 200812191419.59494.bart@solarnet.ru>

iptables-save, только IP заменил на 123.123.123.123

# Generated by iptables-save v1.3.6 on Fri Dec 19 14:25:08 2008
*mangle
:PREROUTING ACCEPT [2830:514534]
:INPUT ACCEPT [1319:336714]
:FORWARD ACCEPT [1511:177820]
:OUTPUT ACCEPT [1374:394227]
:POSTROUTING ACCEPT [2629:556235]
:outtos - [0:0]
:pretos - [0:0]
-A PREROUTING -j pretos 
-A OUTPUT -j outtos 
-A outtos -p tcp -m tcp --dport 22 -j TOS --set-tos 0x10 
-A outtos -p tcp -m tcp --sport 22 -j TOS --set-tos 0x10 
-A outtos -p tcp -m tcp --dport 21 -j TOS --set-tos 0x10 
-A outtos -p tcp -m tcp --sport 21 -j TOS --set-tos 0x10 
-A outtos -p tcp -m tcp --sport 20 -j TOS --set-tos 0x08 
-A outtos -p tcp -m tcp --dport 20 -j TOS --set-tos 0x08 
-A pretos -p tcp -m tcp --dport 22 -j TOS --set-tos 0x10 
-A pretos -p tcp -m tcp --sport 22 -j TOS --set-tos 0x10 
-A pretos -p tcp -m tcp --dport 21 -j TOS --set-tos 0x10 
-A pretos -p tcp -m tcp --sport 21 -j TOS --set-tos 0x10 
-A pretos -p tcp -m tcp --sport 20 -j TOS --set-tos 0x08 
-A pretos -p tcp -m tcp --dport 20 -j TOS --set-tos 0x08 
COMMIT
# Completed on Fri Dec 19 14:25:08 2008
# Generated by iptables-save v1.3.6 on Fri Dec 19 14:25:08 2008
*filter
:INPUT ACCEPT [647:252836]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1374:394227]
-A INPUT -i eth1 -p tcp -m tcp --dport 3128 -j ACCEPT 
-A INPUT -i eth1 -p tcp -m multiport --dports 21 -j ACCEPT 
-A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,SYN,ACK SYN -j LOG --log-level 7 --log-tcp-options 
-A INPUT -i eth0 -p tcp -m tcp --tcp-flags FIN,SYN,ACK SYN -j REJECT --reject-with icmp-port-unreachable 
-A FORWARD -s 192.168.1.0/255.255.255.0 -i eth1 -p icmp -j ACCEPT 
-A FORWARD -d 192.168.1.0/255.255.255.0 -o eth1 -p icmp -j ACCEPT 
-A FORWARD -s 192.168.1.0/255.255.255.0 -i eth1 -p udp -m udp --dport 53 -j ACCEPT 
-A FORWARD -d 192.168.1.0/255.255.255.0 -o eth1 -p udp -m udp --sport 53 -j ACCEPT 
-A FORWARD -s 192.168.1.0/255.255.255.0 -i eth1 -p tcp -m multiport --dports 20,21,25,110,995,587 -j ACCEPT 
-A FORWARD -d 192.168.1.0/255.255.255.0 -o eth1 -p tcp -m multiport --sports 20,21,25,110,995,587 -j ACCEPT 
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A FORWARD -p ! icmp -m state --state INVALID -j DROP 
-A FORWARD -p ! icmp -m state --state INVALID -j DROP 
-A FORWARD -o eth0 -j DROP 
-A FORWARD -o eth+ -j DROP 
COMMIT
# Completed on Fri Dec 19 14:25:08 2008
# Generated by iptables-save v1.3.6 on Fri Dec 19 14:25:08 2008
*nat
:PREROUTING ACCEPT [354:32057]
:POSTROUTING ACCEPT [1:1459]
:OUTPUT ACCEPT [44:4030]
-A POSTROUTING -o eth0 -j SNAT --to-source 123.123.123.123 
COMMIT
# Completed on Fri Dec 19 14:25:08 2008

Reply to:

Follow-Ups:
- Re: Не ходит FTP траффик.
  - From: Stanislav Maslovski <stanislav.maslovski@gmail.com>

References:
- Не ходит FTP траффик.
  - From: veresk <evgeny_veresk@mail.ru>
- Re: Не ходит FTP траффик.
  - From: Mikhail A Antonov <bart@solarnet.ru>
- Re: Не ходит FTP траффик.
  - From: veresk <evgeny_veresk@mail.ru>
- Re: Не ходит FTP траффик.
  - From: Mikhail A Antonov <bart@solarnet.ru>

Prev by Date: /etc/sysconfig/vncservers
Next by Date: Re: Какой правильный лазерный принтер?
Previous by thread: Re: Не ходит FTP траффик.
Next by thread: Re: Не ходит FTP траффик.
Index(es):
- Date
- Thread