iptables-problem
Roger Grosswiler
roger at gwch.net
Sun Jun 10 19:30:06 UTC 2007
Hey folks,

In FC6, I inserted some rules for OpenVPN in iptables:

/sbin/iptables -t nat -A PREROUTING -i tun0 -p tcp --dport 80 -j REDIRECT --to-port 3128
/sbin/iptables -I RH-Firewall-1-INPUT 3 -i tun0 -j ACCEPT

This should redirect all traffic on tun to squid and accept all traffic on tun0.

In fact, since F7 it doesn't. I don't even see the rules using iptables -L (-t nat).

Also, I have lots of entries having a 0 in the proto field.

whassup here??

target prot opt source destination
RH-Firewall-1-INPUT 0 -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT 0 -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT 0 -- anywhere anywhere
ACCEPT 0 -- anywhere anywhere
ACCEPT 0 -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT esp -- anywhere anywhere
ACCEPT ah -- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT tcp -- anywhere anywhere tcp dpt:ipp
ACCEPT 0 -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:domain
ACCEPT udp -- anywhere anywhere state NEW udp dpt:domain
ACCEPT udp -- anywhere anywhere state NEW udp dpt:openvpn
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:nfs
REJECT 0 -- anywhere anywhere reject-with icmp-host-prohibited
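
A check for the situation described in the message above, as an added example that is not part of the original post: it reads `iptables-save`-format text and reports the position of a rule within its chain (0 if absent), because an ACCEPT only takes effect if it sits before the chain's final REJECT. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not output from the poster's host).
sample_ruleset() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i tun0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -i tun0 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# rule_pos TABLE CHAIN SPEC...
# Reads iptables-save text on stdin and prints the 1-based position, within
# CHAIN of TABLE, of the first rule containing every SPEC (e.g. "-i tun0").
# Prints 0 when no such rule is loaded.
rule_pos() {
    table=$1; chain=$2; shift 2
    want=$(printf '%s;' "$@")          # join the specs with ';' for awk
    awk -v table="$table" -v chain="$chain" -v want="$want" '
        BEGIN { n = split(want, spec, ";"); pos = 0; hit = 0 }
        /^\*/ { cur = substr($0, 2); next }     # "*nat" / "*filter" opens a table
        cur == table && $1 == "-A" && $2 == chain {
            pos++
            line = " " $0 " "; ok = 1
            for (i = 1; i <= n; i++)
                if (spec[i] != "" && index(line, " " spec[i] " ") == 0) ok = 0
            if (ok && !hit) hit = pos
        }
        END { print hit }'
}

# Demo on the constructed sample; on a live host pipe `iptables-save` in instead.
echo "nat REDIRECT at: $(sample_ruleset | rule_pos nat PREROUTING '-i tun0' '--dport 80' '-j REDIRECT')"
echo "tun0 ACCEPT at:  $(sample_ruleset | rule_pos filter RH-Firewall-1-INPUT '-i tun0' '-j ACCEPT')"
echo "REJECT at:       $(sample_ruleset | rule_pos filter RH-Firewall-1-INPUT '-j REJECT')"
```

Unlike plain `iptables -L`, the `iptables-save` format includes the interface match (`-i tun0`) and covers every table in one listing.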