RE: nat no traffic returns

At 07:42 22-05-2003 +1000, you wrote:
Hi,

stupid question but has the inside machine got a default gateway to the firewall?

Last time I checked the default gateway was set to the firewall.


Have you also tried running tcpdump with the command: tcpdump -x port 3389 and host public_ip
to check the traffic and the direction all of it going to and from?

tcpdump is broke on this box ARGH.


But I double checked to see if I could connect to the firewalled box while I was connected to the firewall, and I could. As soon as I add rules to allow traffic on the INPUT and OUTPUT chains from and to the firewalled box I can connect from the firewall to the firewalled box using FTP or WWW, but not through the firewall.

TIA,


B.


____________________________________________
George Vieira
Systems Manager
georgev@xxxxxxxxxxxxxxxxxxxxxx

Citadel Computer Systems Pty Ltd
http://www.citadelcomputer.com.au


-----Original Message-----
From: B. van Ouwerkerk [mailto:bvo@xxxxxx]
Sent: Thursday, May 22, 2003 7:34 AM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Re: nat no traffic returns



> > iptables -P FORWARD DROP
> >
>You are only allowing packets through the forward chain in the direction
>eth1->eth0.
>There is no packet allowed in the other direction.
>iptables -A FORWARD -i eth0 -o eth1 -d 10.0.0.112 -m multiport --dport
>3389,21,80 -m state --state NEW -j ACCEPT
>iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

Thank you for your reply, you are right.. but it didn't help..

Been looking a bit further.. again.. iptables -v -L tells that packets are
forwarded to eth1, on eth1 I notice that the TX bytes is increasing but the
RX are stable at the same value.
Would it be correct to assume this is not an iptables issue but an issue of
the box behind the Linux box?

TIA,

B.
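The symptom described above (TX bytes on eth1 rising while RX stays flat) can be checked without tcpdump by diffing two snapshots of /proc/net/dev. The following is an added example, not part of the original thread; the function names are hypothetical and the two snapshots are constructed sample data.

```python
# Constructed /proc/net/dev snapshots taken a few seconds apart on the firewall.
SNAP_BEFORE = """\
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    lo:    4200      42    0    0    0     0          0         0     4200      42    0    0    0     0       0          0
  eth0:  918340    7102    0    0    0     0          0         0   501220    6544    0    0    0     0       0          0
  eth1:   73312     611    0    0    0     0          0         0   120480    1004    0    0    0     0       0          0
"""
SNAP_AFTER = """\
Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    lo:    4200      42    0    0    0     0          0         0     4200      42    0    0    0     0       0          0
  eth0:  918520    7105    0    0    0     0          0         0   501400    6547    0    0    0     0       0          0
  eth1:   73312     611    0    0    0     0          0         0   120660    1007    0    0    0     0       0          0
"""


def parse_proc_net_dev(text):
    """Return {iface: (rx_bytes, tx_bytes)} from /proc/net/dev content."""
    counters = {}
    for line in text.splitlines():
        if ":" not in line:
            continue  # the two header lines contain no colon
        # Split on the colon first: old kernels may print "eth0:918340"
        # with no space between the name and the first counter.
        name, _, rest = line.partition(":")
        fields = rest.split()
        if len(fields) < 16:
            continue  # not a full counter row
        # Field 0 is RX bytes, field 8 is TX bytes.
        counters[name.strip()] = (int(fields[0]), int(fields[8]))
    return counters


def one_way_interfaces(before, after, min_tx_delta=1):
    """List (iface, rx_delta, tx_delta) where TX grew but RX did not move."""
    a, b = parse_proc_net_dev(before), parse_proc_net_dev(after)
    flagged = []
    for iface in sorted(a.keys() & b.keys()):
        rx_delta = b[iface][0] - a[iface][0]
        tx_delta = b[iface][1] - a[iface][1]
        if tx_delta >= min_tx_delta and rx_delta == 0:
            flagged.append((iface, rx_delta, tx_delta))
    return flagged


if __name__ == "__main__":
    for iface, rx, tx in one_way_interfaces(SNAP_BEFORE, SNAP_AFTER):
        print(f"{iface}: sent {tx} bytes, received {rx}: nothing is coming back")
```

An interface flagged here is sending forwarded packets but hearing no replies, which points at the host behind it (routing, default gateway, or its own filtering) rather than at the FORWARD rules.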


