AW: Re: [Linux-Biella] Problemino con IPTables

Luca Bertoncello linux@ml.bilug.linux.it
Thu, 6 May 2004 12:52 +0200 

PaulTT <paultt@bilug.linux.it> schrieb:

> sicuramente tu :-)

Capita! Ho sempre lavorato con ipchains, quindi non sono un grande espertone per iptables...

> cmq troppe poke informazioni....
> o ti buchiamo la makkina e le ricaviamo o ce le dici, piu' o meno, perlomeno....

Vedo di darvi un po' di info...

> fai un iptables -L -n -v e un iptables -t nat -n -v e postali intanto...

Allora:
[root@ns root]# iptables -L -n -v
Chain INPUT (policy ACCEPT 63429 packets, 75M bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp  --  venet0+ *       127.0.0.1            0.0.0.0/0
    0     0 REJECT     all  --  *      *       202.144.58.98        62.75.208.62       reject-with icmp-port-unreachable
    0     0 REJECT     all  --  *      *       213.66.228.229       62.75.208.62       reject-with icmp-port-unreachable
   18   984 ACCEPT     all  --  *      *       62.75.208.62         0.0.0.0/0
 1898  263K ACCEPT     all  --  *      *       127.0.0.1            0.0.0.0/0
   17   748 ACCEPT     icmp --  *      *       0.0.0.0/0            62.75.208.62       icmp type 8 limit: avg 6/min burst 5
  255 31019 ACCEPT     tcp  --  *      *       0.0.0.0/0            62.75.208.62       multiport dports 25,53,80,443
   19  1235 ACCEPT     udp  --  *      *       0.0.0.0/0            62.75.208.62       multiport dports 53
   22  1080 ACCEPT     tcp  --  *      *       217.57.128.124       62.75.208.62       multiport dports 22,21,10022
  628 44666 ACCEPT     tcp  --  *      *       213.239.226.18       62.75.208.62       multiport dports 22,21,10022
 2854  155K ACCEPT     tcp  --  *      *       195.180.115.6        62.75.208.62       multiport dports 22,21,10022
    2    80 REJECT     tcp  --  *      *       0.0.0.0/0            62.75.208.62       multiport dports 22,21,110,3306 reject-with icmp-port-unreachable

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 117K packets, 14M bytes)
 pkts bytes target     prot opt in     out     source               destination
------------------------------------------------------------------------------------
[root@ns root]# iptables -t nat -n -v
iptables v1.2.7a: no command specified
Try `iptables -h' or 'iptables --help' for more information.

> poi, su che eth e' l'indirizzo internet?

E' su una scheda virtuale (anche il Server e' virtuale!).
Si chiama venet0:0!

> poi, attraverso cosa, se attraverso qualcosa, passa la tua connessione internet?

Tramite la scheda venet0:0!

Ciao
Luca