similar to: Port forwarding from Internal LAN

Hi there. I have followed some documents found here and there, but do not have already success implementing a script using iptables and iproute. What I need is to send all traffic trough an ADSL line, but mail trough an expensive and slow DS0. The mail server lies on the PC acting also as firewall. I include the script. When using that I get some error messages (I found that the flush command

Okay here is my setup: Gentoo Box running 2.6.4 w/ 4 NICs 1 NIC is for internal network 3 NICs are for external network The machine has a static address assigned to the internal network nic. This nic runs dhcp and dns forwarding. The other 3 nics have external dynamic IP addresses. All will have the same gateway. There are 3 NICs because this is a very large pipe, that will only allocate a

Hello, I have a webcam that I wish to view from the internet. It is a wireless linksys model with an ip address of 192.168.1.15. I have it set on port 8081, 192.168.1.15:8081. I am using the IP Masquerade HowTo script. Here's the rule I added to my firewall script: EXTIF="ppp0" INTIF="eth1" EXTIP="`$IFCONFIG $EXTIF | grep inet | cut -d : -f 2 | cut -d \ -f

Hi, I am trying to have some routing done between two subnets. One is 192.168.1.0/24 and has my LAN computers running a mix of Windows 98/XP clients. There are two linux machines on this network running Samba. Another is 192.168.0.0/24 and has the other LAN. Only my linux machines have two NICs, one for each LAN. I am trying out one of these linux machines to be the gateway for both the

Dear Tinc Experts, I have been struggling for some time now, with Tinc pre3, and firewall rulesets and routing. I did once manage to get Tinc to work okay in a test-bed environment. I then tried to set it up for a 'real-life' setup and cannot get it to work properly. My real-life setup looks like this: Network A: 192.168.1.0 / 255.255.255.0 192.168.1.7 tap1 device gateway >

Hello * community, I have 2 * boxes spanning a t1 with hdlc. I'm trying to route packets so people on a subnet seperate of the * boxes can browse the boxes on the * spanned subnet. The * boxes and the boxes on subnet controlled by * can see everything. The boxes on the seperate subnet inside the company can only see so far as the first * box and can't ping across the span.

ei tuka imam edin pf conf obache pravi mnogo nomera, kato se pusne parvoto koeto e dropva paketi, timeoutva po serverite i t.n.. i speed-a e mnogo baven, vijte ako nqkoi moje da otkrie generalna greshka da reply :) vapreki che ne e freebsd-specific :P ne sym go pisal az a i ne sam mnogo mnogo zapoznat s pf zatova ako nqkoi moje da pomogne e dobre doshyl :) btw moje i neshto ot tia opcii kato set

Hello, I am trying to get LDAP running. So far, the server is running but I cannot connect to port 389 or the server using webmin or phpldapadmin. It could be my ISP has blocked this port but I'm not sure. I have tried to telnet to port 389 but it is refused. All other services run fine. I user the iptables ruleset found in the IP-Masquerade HowTo. Below is the ruleset I follow for

Hi Tinc Mailing-Group, I am a bit stuck with firewalling rules at the moment. Maybe someone could please advise me a good rc.firewall script to use on my setup. If anyone runs an ipchains firewall script on their linux box which is ALSO running tinc, could they please mail it to me, for my perusal. I have tinc pre3 set up and working on my systems, however I can only get it to work if I set the

I am using the madwifi driver with the patch to allow changing of the MAC address and I have two other ethernet interfaces plus a pppoe interface. My outbound connection is ppp0. I have ath0, eth1, eth2 for internal interfaces. I have added these three interfaces to br0. Once the traffic leaves the linux router, it gets NAT'd and goes out through ppp0. All traffic on all segments works

Hello. I'm moving from a very old Fedora Core 1 to CentOS 4.4, what a change!! Three year ago, I wrote some script (network related) and worked very well. Now, I can put into init.d by means of chkconfig and I restarted the system, but always hang when executing my srcipt (in my new centos 4.4). There a manual for making scripts for init.d? there is some new requirement by which it does not

Easy question here: I have a test network that looks like this (apologies for my lack of ascii skills): [hostc]---------------[Firewall]192.168.42.1 (EXTIF: eth0) /10.0.0.1 (INTIF: eth1) 192.168.42.10 (wan) |(lan) | +-------------[hosta] 10.0.0.10 (port 4242) | +-------------[hostb]

Hi all, I need a little help, i am studing htb to control user bandwidth (download/upload) and I made a script as below to test. I am testing using ttcp tool from by linux box to other linux (192.168.200.51). my box <---- Linux = more than 128kbit mybot -----> Linux = get 128kbit But I want to control both ways, what am I missing? script: EXTIF=eth0 INTIF=eth1 TC=/sbin/tc DOWN=128

Hi, still trying to understand one thing. I would definitely like to tell iptables to accept all packets coming from remote vpn only if they hit the $VIRTUALVPNINTERFACE. I tried -o ipsec0 but this is not working, looks like ipsec0 device doesn't exist or it is not recognized. I red on the Openswan users list, that Linux kernel 2.6 native ipsec don't create ipsec* interface (if I am

Hi, this is a followup to "Problem with HTB and ceil", the problem with the ceiling has been resolved, thanks to the memebers on this m/g. Now I have the problem that packets get into the correct classe with the correct marks but the prios are not respected. I have 4 different classes: 1. voip class / prio 0 / mark 100 / voip traffic 2. ACK class / prio 1 / mark 200 / ACK packets to

I suppose a few questions pop up on this list about access Samba through a firewall. ?I have been very successful running Samba through a firewall, until today. ?I hit a stumbling block. I have a Linux Firewall with the public IP Address of 134.x.x.140 <it is not the exact ip address, but close>. ?I am using NAT and port forwarding to send traffic destined for 137, 138,139, and 445 for BOTH

Hi, What do you think about this solution for skype specific QoS: function HTB_shape { ########################################################### # Shapes the traffic of an interface, limiting the late # # Arguments are DEV,RATE DEV=$1 RATE=$2 [...] PORT=dport if [ $DEV == $EXTIF ]; then PORT=sport fi iptables -t mangle -A MYSHAPER-$DEV -p tcp --$PORT 4000 -j MARK --set-mark

I have a little home network with one Windows 98 PC and a pc running linux. My idea is that as soon as DSL is finally made available to my area (which I keep getting told will be real soon now) I want to route it through the linux box and up to the Windows PC, using IP masquerading, etc. At present I have samba enabled on the unix box which opens up several worthwhile conveniences to me:

Hi! I have configured traffic shaping with htb and imq but when i am downloading the latency for example on the Bnet class is very high ..... example: 65 kb/s download best latency: 56ms lateny on bnet class while downloading: 400 350 250 350 400 100 300 200 80 200 300 250 ..... To get informations about latency i am marking ping packets with iptables. I want to play during other users

Hi all, i got the following configuration: * NET1: DSL Line with /28 network, let''s call it 10.1.0.0/28 * NET2: DSL Line with /28 network, let''s call it 10.2.0.0/28 * INTNET: Internal Network with productive servers and workstations, 192.168.1.0/24 Obvisiously the 10er networks are official networks but censored to protect my customer. The routerbox assigns on eth0 all