iptable et masquerades
bonjours
je desespere !!!
pas moyen d'avoir du net a partir d'un de mes pc derriere le routeur
debian
les client derrier eth3 (192.168.2.0) ne recoive rien en net ceux
derriere eth0 et eth1(192.168.0.1 et 192.168.1.0) en ont eux
le ping marche sans probleme vers 192.168.2.1 mais pas vers 192.168.01
et surtout pas vers www.***.*
voici la sortie de iptables -L (tout me semble correct mais ca marche
pas) le pc client est hors de question il est bien configuré et marche
tres bien si je lemet derriere un autre interface
debian:/home/guy# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
LOG all -- 127.0.0.0/8 anywhere LOG level
warning
DROP all -- 127.0.0.0/8 anywhere
ACCEPT all -- anywhere ip4-broadcast
ACCEPT all -- anywhere ip4-broadcast
ACCEPT all -- anywhere ip4-broadcast
ACCEPT all -- 192.168.0.0/24 anywhere
ACCEPT all -- 192.168.1.0/24 anywhere
ACCEPT all -- 192.168.2.0/24 anywhere
ACCEPT !tcp -- anywhere BASE-ADDRESS.MCAST.NET/4
ACCEPT !tcp -- anywhere BASE-ADDRESS.MCAST.NET/4
ACCEPT !tcp -- anywhere BASE-ADDRESS.MCAST.NET/4
LOG all -- 192.168.0.0/24 anywhere LOG level
warning
DROP all -- 192.168.0.0/24 anywhere
LOG all -- 192.168.1.0/24 anywhere LOG level
warning
DROP all -- 192.168.1.0/24 anywhere
LOG all -- 192.168.2.0/24 anywhere LOG level
warning
DROP all -- 192.168.2.0/24 anywhere
ACCEPT all -- anywhere ip4-broadcast
ACCEPT all -- anywhere
cable-213-132-128-207.upc.chello.be
ACCEPT all -- anywhere 213.132.129.255
LOG all -- anywhere anywhere LOG level
warning
DROP all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- 192.168.1.0/24 192.168.0.0/24
ACCEPT all -- 192.168.2.0/24 192.168.0.0/24
ACCEPT all -- 192.168.0.0/24 192.168.1.0/24
ACCEPT all -- 192.168.2.0/24 192.168.1.0/24
ACCEPT all -- 192.168.0.0/24 192.168.2.0/24
ACCEPT all -- 192.168.1.0/24 192.168.2.0/24
ACCEPT all -- 192.168.0.0/24 anywhere
ACCEPT all -- anywhere 192.168.0.0/24
ACCEPT all -- 192.168.1.0/24 anywhere
ACCEPT all -- anywhere 192.168.1.0/24
ACCEPT all -- 192.168.2.0/24 anywhere
ACCEPT all -- anywhere 192.168.2.0/24
LOG all -- anywhere 192.168.0.0/24 LOG level
warning
DROP all -- anywhere 192.168.0.0/24
LOG all -- anywhere 192.168.1.0/24 LOG level
warning
DROP all -- anywhere 192.168.1.0/24
LOG all -- anywhere 192.168.2.0/24 LOG level
warning
DROP all -- anywhere 192.168.2.0/24
LOG all -- anywhere anywhere LOG level
warning
DROP all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere ip4-broadcast
ACCEPT all -- anywhere ip4-broadcast
ACCEPT all -- anywhere ip4-broadcast
ACCEPT all -- anywhere 192.168.0.0/24
ACCEPT all -- anywhere 192.168.1.0/24
ACCEPT all -- anywhere 192.168.2.0/24
ACCEPT !tcp -- anywhere BASE-ADDRESS.MCAST.NET/4
ACCEPT !tcp -- anywhere BASE-ADDRESS.MCAST.NET/4
ACCEPT !tcp -- anywhere BASE-ADDRESS.MCAST.NET/4
LOG all -- anywhere 192.168.0.0/24 LOG level
warning
DROP all -- anywhere 192.168.0.0/24
LOG all -- anywhere 192.168.1.0/24 LOG level
warning
DROP all -- anywhere 192.168.1.0/24
LOG all -- anywhere 192.168.2.0/24 LOG level
warning
DROP all -- anywhere 192.168.2.0/24
ACCEPT all -- anywhere ip4-broadcast
ACCEPT all -- cable-213-132-128-207.upc.chello.be anywhere
ACCEPT all -- 213.132.129.255 anywhere
LOG all -- anywhere anywhere LOG level
warning
DROP all -- anywhere anywhere
debian:/home/guy#
--
hendrickx guy <guy88@freegates.be>
Reply to: