NAT question?help


My NAT and iptables configuration are installed on a pc called rh9.

 

Users on my LAN connect to rh9 as a gateway to check their email on outlook express and browse on the internet.

 

However, when I add the following rules, I cannot check mail on rh9 itself; I can only browse.

iptables -t filter -P FORWARD DROP
iptables -t nat -P FORWARD DROP

Can anyone explain to me why this is the case? Or what can I do to check mail on rh9?

 

My iptables and NAT configurations are as below.

 

Thanks for any help

 

Rgds

Gilles

 

 

[root@rh9 root]# iptables -vnL

Chain INPUT (policy DROP 478 packets, 46623 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp spt:53
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp spt:53
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp spt:80
    4   160 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp spt:80
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp spt:443
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp spt:443
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp spt:110
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp spt:110
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp spt:25
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp spt:25
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp spt:10000
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp spt:10000
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0          tcp dpt:10000
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0          udp dpt:10000
   31  9152 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0          state RELATED,ESTABLISHED

Chain FORWARD (policy DROP 18 packets, 864 bytes)
 pkts bytes target     prot opt in     out     source               destination
  394  185K ACCEPT     all  --  eth1   eth0    0.0.0.0/0            0.0.0.0/0          state RELATED,ESTABLISHED
  309 56481 ACCEPT     all  --  eth0   eth1    0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT 126 packets, 8793 bytes)
 pkts bytes target     prot opt in     out     source               destination

 

 

 

NAT Rules

Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

 

 


 

 

