I have iptables set up to port forward ftp, web, and a game server to another server on the local network. It works great. I have also set it up so it only accepts incoming and outgoing connections on port 22. I'm having 2 problems and a couple of questions.

1. I can ssh into the machine, which is 192.168.1.1, from any computer on the local network. But I can't run X programs without allowing all incoming and outgoing connections on this machine. I've tried:

    $iptables -A INPUT -i eth1 -j ACCEPT
    $iptables -A OUTPUT -o eth1 -j ACCEPT

This wouldn't fix the problem. So I tried:

    $iptables -A INPUT -s 192.168.1.2-192.168.1.255 -j ACCEPT
    $iptables -A OUTPUT -d 192.168.1.2-192.68.1.255 -j ACCEPT

This didn't work either. Only accepting all incoming and outgoing connections would.

2. I'm having problems with the nat features. I want to be able to ssh into the routing machine from of the local network but I can't. I have it set to accept local connections on port 22 for udp and tcp. But nat is natting the packets before it can accept them. The only way I am able to get it to accept them is to disable nat. I tried natting all the ports around 22. See the attached script, but for some reason that wouldn't work either. Does anyone have any idea how to do this?

3. Does anyone know why

    iptables -A mytable -p all --sport 22 -j ACCEPT

won't work? It seems that the all keyword doesn't work at all.

I am using iptables v.1.2.5 with RH7.3, most updated kernel. Sorry for the length of this post, I'm just looking for some solutions. Thanks for any help.

I changed my IP in the firewall script to 128.x.x.x; hope this doesn't confuse anyone.

-Impulse
Attachment:
rc.firewall-2.4.mailing