what is a good proxy server
Todd Wirth
todd at phyberoptiks.net
Mon May 27 20:17:25 EDT 2002
Try this really quickly:
iptables -t nat -D POSTROUTING 1
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Then check your clients to see if they can get out.
-- Todd
-----Original Message-----
From: owner-nflug at nflug.org [mailto:owner-nflug at nflug.org]On Behalf Of
umar
Sent: Monday, May 27, 2002 7:35 PM
To: nflug at nflug.org
Subject: RE: what is a good proxy server
[root at siddiqi umar]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 192.168.0.0/24 anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
--- Todd Wirth <todd at phyberoptiks.net> wrote:
> What's your output from: iptables -t nat -L
>
> -- Todd
>
>
>
>
>
> -----Original Message-----
> From: owner-nflug at nflug.org
> [mailto:owner-nflug at nflug.org]On Behalf Of
> umar
> Sent: Monday, May 27, 2002 11:10 AM
> To: nflug at nflug.org
> Subject: Re: what is a good proxy server
>
>
> offcourse my internet is working and i have two NIC.
> Here are the outputs. They are different from what
> mandrake generated for me since a friend of mine
> came
> yesterday and he reconfigured the iptables, but I
> havent got a chance yet to test it on client
> computers.
>
> ------------------------------------
> [root at siddiqi umar]# ifconfig -a
> eth0 Link encap:Ethernet HWaddr
> 00:01:03:CE:8E:29
> inet addr:68.65.8.57 Bcast:68.65.9.255
> Mask:255.255.254.0
> UP BROADCAST NOTRAILERS RUNNING MTU:1500
> Metric:1
> RX packets:305110 errors:3 dropped:0
> overruns:0 frame:3
> TX packets:19449 errors:0 dropped:0
> overruns:0 carrier:1
> collisions:266 txqueuelen:100
> RX bytes:76774520 (73.2 Mb) TX
> bytes:2781753 (2.6 Mb)
> Interrupt:3 Base address:0xdc00
>
> eth1 Link encap:Ethernet HWaddr
> 00:04:5A:45:B6:5E
> inet addr:192.168.0.1 Bcast:192.168.0.255
>
> Mask:255.255.255.0
> UP BROADCAST RUNNING MULTICAST MTU:1500
> Metric:1
> RX packets:935 errors:0 dropped:0
> overruns:0
> frame:0
> TX packets:16 errors:0 dropped:0
> overruns:0
> carrier:0
> collisions:0 txqueuelen:100
> RX bytes:109885 (107.3 Kb) TX bytes:2772
> (2.7 Kb)
> Interrupt:11 Base address:0xd800
>
> lo Link encap:Local Loopback
> inet addr:127.0.0.1 Mask:255.0.0.0
> UP LOOPBACK RUNNING MTU:16436 Metric:1
> RX packets:1081 errors:0 dropped:0
> overruns:0 frame:0
> TX packets:1081 errors:0 dropped:0
> overruns:0 carrier:0
> collisions:0 txqueuelen:0
> RX bytes:73024 (71.3 Kb) TX bytes:73024
> (71.3 Kb)
> -----------------------------------------
>
>
>
> [root at siddiqi umar]# netstat -rn
> Kernel IP routing table
> Destination Gateway Genmask
> Flags
> MSS Window irtt Iface
> 255.255.255.255 0.0.0.0 255.255.255.255 UH
>
> 40 0 0 eth1
> 192.168.0.0 0.0.0.0 255.255.255.0 U
>
> 40 0 0 eth1
> 68.65.8.0 0.0.0.0 255.255.254.0 U
>
> 40 0 0 eth0
> 127.0.0.0 0.0.0.0 255.0.0.0 U
>
> 40 0 0 lo
> 0.0.0.0 68.65.8.1 0.0.0.0 UG
>
> 40 0 0 eth0
> -------------------------------------------
> nameserver 24.48.33.2
> nameserver 24.48.33.3
> search buf.adelphia.net.
> -----------------------------------------
> cat /proc/sys/net/ipv4/ip_forward
> 1[root at siddiqi umar]# ipchains -L
> ipchains: Incompatible with this kernel
> [root at siddiqi umar]# iptables -L
> Chain INPUT (policy DROP)
> target prot opt source destination
> ACCEPT udp -- anywhere anywhere
>
> udp spt:bootpc dpt:bootps
> ACCEPT tcp -- anywhere anywhere
>
> tcp spt:bootpc dpt:bootps
> ACCEPT udp -- anywhere anywhere
>
> udp spt:bootps dpt:bootpc
> ACCEPT tcp -- anywhere anywhere
>
> tcp spt:bootps dpt:bootpc
> ACCEPT udp -- anywhere anywhere
>
> udp dpt:domain
> ACCEPT tcp -- anywhere anywhere
>
> tcp dpt:domain
> DROP tcp -- anywhere 127.0.0.0/8
> ACCEPT all -- anywhere anywhere
>
> state RELATED,ESTABLISHED
> ACCEPT all -- anywhere anywhere
> DROP all -- BASE-ADDRESS.MCAST.NET/4
> anywhere
> PUB_IN all -- anywhere anywhere
> PUB_IN all -- anywhere anywhere
> PUB_IN all -- anywhere anywhere
> DROP all -- anywhere anywhere
>
> Chain FORWARD (policy DROP)
> target prot opt source destination
> ACCEPT all -- 192.168.0.0/24 anywhere
> ACCEPT all -- anywhere anywhere
>
> state RELATED,ESTABLISHED
>
> Chain OUTPUT (policy ACCEPT)
> target prot opt source destination
> PUB_OUT all -- anywhere anywhere
> PUB_OUT all -- anywhere anywhere
> PUB_OUT all -- anywhere anywhere
>
> Chain INT_IN (0 references)
> target prot opt source destination
> ACCEPT icmp -- anywhere anywhere
> DROP all -- anywhere anywhere
>
> Chain INT_OUT (0 references)
> target prot opt source destination
> ACCEPT icmp -- anywhere anywhere
> ACCEPT all -- anywhere anywhere
>
> Chain PUB_IN (3 references)
> target prot opt source destination
> ACCEPT icmp -- anywhere anywhere
>
> icmp destination-unreachable
> ACCEPT icmp -- anywhere anywhere
>
> icmp echo-reply
> ACCEPT icmp -- anywhere anywhere
>
> icmp time-exceeded
> ACCEPT tcp -- anywhere anywhere
>
> tcp dpt:domain
> ACCEPT tcp -- anywhere anywhere
>
> tcp dpt:pop2
> ACCEPT tcp -- anywhere anywhere
>
> tcp dpt:imap
> ACCEPT tcp -- anywhere anywhere
>
> tcp dpt:http
> ACCEPT tcp -- anywhere anywhere
>
> tcp dpt:ftp-data
> ACCEPT tcp -- anywhere anywhere
>
> tcp dpt:ftp
> ACCEPT tcp -- anywhere anywhere
>
> tcp dpt:pop3
> ACCEPT tcp -- anywhere anywhere
>
> tcp dpt:ssh
> ACCEPT tcp -- anywhere anywhere
>
> tcp dpt:telnet
> ACCEPT tcp -- anywhere anywhere
>
> tcp dpt:https
> ACCEPT tcp -- anywhere anywhere
>
>
=== message truncated ===
__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com
More information about the nflug
mailing list