OT: freeweb
György Varga
gylab at freestart.hu
Tue Feb 15 20:38:20 CET 2005
Hello Beregnyei,
Tuesday, February 15, 2005, 4:58:35 PM, you wrote:
BB> Miert nem kuldod el a szabalylistat? Kicsit konnyebb lenne segiteni, nem
BB> kene ossze-vissza talalgatni :)
Csak mert nem akartam a listat terhelni vele.
# Generated by iptables-save v1.2.6a on Fri Dec 31 20:46:39 2004
*nat
:PREROUTING ACCEPT [2:156]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -s 192.168.3.0/255.255.255.0 -p tcp -j MASQUERADE
-A POSTROUTING -o ppp0 -p icmp -j MASQUERADE
COMMIT
# Completed on Fri Dec 31 20:46:39 2004
# Generated by iptables-save v1.2.6a on Fri Dec 31 20:46:39 2004
*mangle
:PREROUTING ACCEPT [9:800]
:INPUT ACCEPT [7:644]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [10:656]
:POSTROUTING ACCEPT [10:656]
COMMIT
# Completed on Fri Dec 31 20:46:39 2004
# Generated by iptables-save v1.2.6a on Fri Dec 31 20:46:39 2004
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [9:564]
-A INPUT -i eth0 -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-A INPUT -i eth3 -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 3000 -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 20 -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 143 -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j LOG
-A INPUT -i ppp0 -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -j DROP
-A INPUT -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o eth3 -j ACCEPT
-A FORWARD -s 192.168.0.0/255.255.0.0 -d 192.168.0.0/255.255.0.0 -j ACCEPT
COMMIT
# Completed on Fri Dec 31 20:46:39 2004
--
Best regards,
György mailto:gylab at freestart.hu
More information about the Elektro
mailing list