what is a good proxy server

Todd Wirth todd at phyberoptiks.net
Mon May 27 11:41:27 EDT 2002


What's your output from: iptables -t nat -L

-- Todd





-----Original Message-----
From: owner-nflug at nflug.org [mailto:owner-nflug at nflug.org] On Behalf Of umar
Sent: Monday, May 27, 2002 11:10 AM
To: nflug at nflug.org
Subject: Re: what is a good proxy server


Of course my internet is working and I have two NICs.
Here are the outputs. They are different from what
Mandrake generated for me since a friend of mine came
yesterday and he reconfigured the iptables, but I
haven't got a chance yet to test it on client
computers.

------------------------------------
[root@siddiqi umar]# ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:01:03:CE:8E:29
          inet addr:68.65.8.57  Bcast:68.65.9.255  Mask:255.255.254.0
          UP BROADCAST NOTRAILERS RUNNING  MTU:1500  Metric:1
          RX packets:305110 errors:3 dropped:0 overruns:0 frame:3
          TX packets:19449 errors:0 dropped:0 overruns:0 carrier:1
          collisions:266 txqueuelen:100
          RX bytes:76774520 (73.2 Mb)  TX bytes:2781753 (2.6 Mb)
          Interrupt:3 Base address:0xdc00

eth1      Link encap:Ethernet  HWaddr 00:04:5A:45:B6:5E
          inet addr:192.168.0.1  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:935 errors:0 dropped:0 overruns:0 frame:0
          TX packets:16 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:109885 (107.3 Kb)  TX bytes:2772 (2.7 Kb)
          Interrupt:11 Base address:0xd800

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1081 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1081 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:73024 (71.3 Kb)  TX bytes:73024 (71.3 Kb)
-----------------------------------------



[root@siddiqi umar]# netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
255.255.255.255 0.0.0.0         255.255.255.255 UH       40 0          0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U        40 0          0 eth1
68.65.8.0       0.0.0.0         255.255.254.0   U        40 0          0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U        40 0          0 lo
0.0.0.0         68.65.8.1       0.0.0.0         UG       40 0          0 eth0
-------------------------------------------
nameserver 24.48.33.2
nameserver 24.48.33.3
search buf.adelphia.net.
-----------------------------------------
cat /proc/sys/net/ipv4/ip_forward
1
[root@siddiqi umar]# ipchains -L
ipchains: Incompatible with this kernel
[root@siddiqi umar]# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp spt:bootpc dpt:bootps
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:bootpc dpt:bootps
ACCEPT     udp  --  anywhere             anywhere             udp spt:bootps dpt:bootpc
ACCEPT     tcp  --  anywhere             anywhere             tcp spt:bootps dpt:bootpc
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
DROP       tcp  --  anywhere             127.0.0.0/8
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  BASE-ADDRESS.MCAST.NET/4  anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  192.168.0.0/24       anywhere
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere

Chain INT_IN (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain INT_OUT (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain PUB_IN (3 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere             icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere             icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere             icmp time-exceeded
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:pop2
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:imap
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ftp-data
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:pop3
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:telnet
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:smtp
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:domain
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
ACCEPT     udp  --  anywhere             anywhere             udp dpt:domain
LOG        tcp  --  anywhere             anywhere             tcp dpt:telnet state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere             tcp dpt:ftp state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere             tcp dpt:imap state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere             tcp dpt:pop3 state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere             tcp dpt:finger state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere             tcp dpt:sunrpc state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere             tcp dpt:exec state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere             tcp dpt:login state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere             tcp dpt:tacnews state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        tcp  --  anywhere             anywhere             tcp dpt:ssh state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
LOG        udp  --  anywhere             anywhere             udp dpt:31337 state INVALID,NEW limit: avg 5/sec burst 8 LOG level warning prefix `audit'
DROP       icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere
 
Chain PUB_OUT (3 references)
target     prot opt source               destination
REJECT     icmp --  anywhere             anywhere             icmp destination-unreachable reject-with icmp-port-unreachable
REJECT     icmp --  anywhere             anywhere             icmp time-exceeded reject-with icmp-port-unreachable
ACCEPT     all  --  anywhere             anywhere
-----------------------------------------




--- deadpoint <deadpoint at adelphia.net> wrote:
> Were you ever able to connect to the net using your
> linux machine?
> Without that you'll never get the connection sharing
> to work. Does your
> machine have 2 network cards? How are your NIC(s)
> configured? Send the
> output from the following commands to the list.
> 
> ifconfig -a
> netstat -rn
> cat /etc/resolv.conf
> cat /proc/sys/net/ipv4/ip_forward
> ipchains -L
> iptables -L
> 
> umar wrote:
> 
> >Hi all,
> >
> >Since my Mandrake connection sharing system is not
> >working (and no one was able to help me with that), I
> >am thinking about setting up a third party server to
> >share my cable connection with my roommates. I want to
> >know what are good proxy servers for linux that can
> >handle up to 5 clients and support ftp, telnet, ssh and
> >various instant messengers.
> >
> >I have heard of squid but don't know how good or bad it
> >is. Any help in this regard would be appreciated.
> >
> >And NO I cannot buy a new box to act as a router. I
> >have to do something using my own box.
> >
> >Umar

