Hi Ramin Dousti! No, the link is one modem whith 33600Kb/s or 56600Kb/s Thanks. ----- Original Message ----- From: "Ramin Dousti" <ramin@xxxxxxxxxxxxxxxxxxxx> To: "Carlos Delfino Carvalho Pinheiro" <suporte@xxxxxxxxxxxxxxxxxxxx> Cc: "netfilter" <netfilter@xxxxxxxxxxxxxxxxxxx> Sent: Tuesday, August 12, 2003 9:50 AM Subject: Re: small mails is ok, but big e-mails not go!!!!!! > Hi Carlos, > > I see you have ppp0. Is it pppeo? If so, check the MTU on the link. > > http://www.google.com/search?hl=en&ie=ISO-8859-1&q=pppoe+mtu > > Ramin > > On Tue, Aug 12, 2003 at 07:28:35AM -0300, Carlos Delfino Carvalho Pinheiro wrote: > > > Hi Netfiltersssss > > > > My Name is Carlos Delfino, Im Braziliannnnnn!!!! > > > > I have one linux box with iptables and have this rules: > > > > # Generated by iptables-save v1.2.8 on Tue Aug 12 06:45:43 2003 > > *nat > > :PREROUTING ACCEPT [1927:128320] > > :POSTROUTING ACCEPT [187:14251] > > :OUTPUT ACCEPT [152:9331] > > -A PREROUTING -i ppp0 -p tcp -m tcp --dport 5900 -j DNAT --to-destination 192.168.1.200 > > -A PREROUTING -i ppp0 -p tcp -m tcp --dport 5800 -j DNAT --to-destination 192.168.1.200 > > -A POSTROUTING -o ppp0 -j MASQUERADE > > COMMIT > > # Completed on Tue Aug 12 06:45:43 2003 > > # Generated by iptables-save v1.2.8 on Tue Aug 12 06:45:43 2003 > > *mangle > > :PREROUTING ACCEPT [189955:64457766] > > :INPUT ACCEPT [121895:44059863] > > :FORWARD ACCEPT [67807:20272319] > > :OUTPUT ACCEPT [112104:15205088] > > :POSTROUTING ACCEPT [179911:35477407] > > -A POSTROUTING -o ppp0 -j TTL --ttl-set 128 > > -A POSTROUTING -o ppp0 -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu > > COMMIT > > # Completed on Tue Aug 12 06:45:43 2003 > > # Generated by iptables-save v1.2.8 on Tue Aug 12 06:45:43 2003 > > *filter > > :INPUT ACCEPT [73566:41975072] > > :FORWARD ACCEPT [67807:20272319] > > :OUTPUT ACCEPT [112106:15205496] > > :ACCEPT-LOG - [0:0] > > :REJECT-LOG - [0:0] > > :REJECT-RESET-LOG - [0:0] > > :RH-Lokkit-0-50-INPUT - [0:0] > > -A INPUT -j RH-Lokkit-0-50-INPUT > > -A FORWARD -m limit --limit 3/min --limit-burst 3 -j LOG --log-prefix "OUTPUT packet died: " --log-level debug > > -A OUTPUT -m limit --limit 3/min --limit-burst 3 -j LOG --log-prefix "OUTPUT packet died: " --log-level debug > > -A ACCEPT-LOG -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j LOG --log-prefix "ACCEPT " --log-level debug > > -A ACCEPT-LOG -j ACCEPT > > -A REJECT-LOG -j LOG --log-prefix "REJECTED " --log-level debug > > -A REJECT-LOG -j REJECT --reject-with icmp-port-unreachable > > -A REJECT-RESET-LOG -j LOG --log-prefix "REJECTED WITH RESET " --log-level debug > > -A REJECT-RESET-LOG -p tcp -m tcp -j REJECT --reject-with tcp-reset > > -A RH-Lokkit-0-50-INPUT -s 200.202.193.76 -p udp -m udp --sport 53 --dport 1025:65535 -j ACCEPT > > -A RH-Lokkit-0-50-INPUT -s 200.223.0.84 -p udp -m udp --sport 53 --dport 1025:65535 -j ACCEPT > > -A RH-Lokkit-0-50-INPUT -m limit --limit 3/min --limit-burst 3 -j LOG --log-prefix "INPUT packet died: " --log-level debug > > -A RH-Lokkit-0-50-INPUT -p udp -m udp --sport 53 --dport 1025:65535 -j ACCEPT-LOG > > -A RH-Lokkit-0-50-INPUT -i lo -j ACCEPT-LOG > > -A RH-Lokkit-0-50-INPUT -i ppp0 -p tcp -m tcp --dport 113 -j REJECT-RESET-LOG > > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 5900 -j ACCEPT-LOG > > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 5800 -j ACCEPT-LOG > > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 22 -j ACCEPT-LOG > > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 21 -j ACCEPT-LOG > > -A RH-Lokkit-0-50-INPUT -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j REJECT-LOG > > -A RH-Lokkit-0-50-INPUT -p udp -m udp -j REJECT-LOG > > COMMIT > > # Completed on Tue Aug 12 06:45:43 2003 > > > > my kernel is 2.4.20 more POM. > > > > > > but I not send big E-mails, E-mails greats with 20K. > > > > I use the linux like one firewall for my Windows98 boxxxx!!! > > > > thanks > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~ > > ~ Carlos Delfino Carvalho Pinheiro > > ~ Especialista em Redes de Computadores > > ~ (85) 9609-5201 > > ~ (85) 245-7809 > > ~ suporte@xxxxxxxxxxxxxxxxxxxx > > ~ Duvidas? http://www.carlosdelfino.eti.br/dicas/ > > ~~~~~~~~~~~~~~~~~~~~~~~~~~ >
