Hejsa
Min firewall/router fungerede uden problemer indtil for et par dage
siden, hvor bla. port-forward stoppede med at virke.
Jeg har forsøgt all mulige/umulige kombinationer uden resultat.
Er der en iptables haj, der kan få øje på hvad der er problemet
med nedenstående regler.
# Generated by iptables-save v1.2.10 on Thu Aug 7 22:35:27 2008
*filter
:INPUT DROP [9376:703851]
:FORWARD DROP [25747:2018285]
:OUTPUT ACCEPT [3055:378532]
-A INPUT -d 127.0.0.1 -i eth1 -j DROP
-A INPUT -s 127.0.0.1 -i eth1 -j DROP
-A INPUT -s 127.0.0.1 -j ACCEPT
-A INPUT -d 127.0.0.1 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -i eth0 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -p tcp -m tcp --dport 35758 -j ACCEPT
-A FORWARD -i eth1 -p udp -m udp --dport 35758 -j ACCEPT
-A FORWARD -d 1.2.3.4 -i eth1 -p tcp -m state --state NEW -m tcp \
--dport 35758 -j ACCEPT
-A FORWARD -i eth1 -p tcp -m state --state NEW -m tcp \
--dport 35758 -j ACCEPT
-A FORWARD -i eth1 -p udp -m state --state NEW -m udp \
--dport 35758 -j ACCEPT
COMMIT
# Completed on Thu Aug 7 22:35:27 2008
# Generated by iptables-save v1.2.10 on Thu Aug 7 22:35:27 2008
*nat
:PREROUTING ACCEPT [50458:4183904]
:POSTROUTING ACCEPT [254:15054]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -d 1.2.3.4 -p tcp -m tcp --dport 35758 -j DNAT \
--to-destination 10.0.0.47:35758
-A PREROUTING -d 1.2.3.4 -p udp -m udp --dport 35758 -j DNAT \
--to-destination 10.0.0.47:35758
-A POSTROUTING -s 10.0.0.0/255.255.255.0 -o eth1 -j MASQUERADE
COMMIT
