similar to: ASTERISK BOX behind a filewall

Hi, I am running a ASTERISK BOX behind a firewall. It is at DMZ . Now I want to connect to my ASTERISK BOX from Internet. So I want to DNAT. How can I do it? Pls assume that ip address that connects to Internet on firewall is 1.2.3.4and is attached to eth0. And ASTERISK BOX is 192.168.101.23 Then, What is the rule (PREROUTING) for it? What is the port to DNAT? I think udp 5060. So I have

Hi, I know these are a few iptbales questions. NOT CentOS, anyway, I am running a firewall on centos 5.x. If you can response, it would be fine. I want to add a SNAT rule for one user in LAN to access one particular destination on the internet. Let's say www.centos.org I added the below rule. But . it does NOT work Pls assume 1.2.3.4 is the real ip of the firewall. ip address

Where is the correct place to control what traffic is masq'ed out? This is what I have, but I was told the Forward chain isn't the right place to do this? iptables -A POSTROUTING -t nat -o $WAN -j MASQUERADE iptables -A FORWARD -i $WAN -o $LAN -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i $LAN -o $WAN -m state --state NEW,ESTABLISHED,RELATED -p tcp -m multiport

Hi all, I''ve got a BOX running CentOS 4.5. It acts as a firewall + router. I have installed both iptables and iproute2. I has 3 network cards. eth0 is connected to Internet (is has an internet ip. pls assume its ip is 1.2.3.4/29). it is a 256 Kbit link. eth1 is DMZ. its ip is 192.168.100.254 eth2 is LAN. Its ip is 192.168.101.254 I have alreday shaped traffic to 64 Kbit on eth1 for

Hi, I have an DNAT ISSUE with PREROUTING. This is my setup. I have 2 firewalls running iptables. Pls asume 1.2.3.4/29 is the internet interace of FIRST firewall. 2.3.4.5/29 is the internet interface of SECOND firewall. it has DMZ zone. in that DMZ zone, mail server runnig @ 192.168.100.3 Now I want to DNAT port 25 of FISRT firewall ( i.e - its ip address - 1.2.3.4/29) to the internet ip

Hello, people. I read iptables tutorial and lartc, but i''m still confused with one trouble. May be this question was discussed already, so forward me solution, if is. So, there''s a trouble. I have debian etch linux. 2.6.18-4 kernel. On this computer i have three interfaces: eth0 - my lan, eth1, eth2 - providers. By default all internet traffic routed through eth2. But i

Hi all, I want to run vsftp behind a firewall.(i.e DMZ zone) . It is runnig as passive ftp. the theroy behind passive ftp is , - FTP server's port 21 from anywhere ( Client initiates connection) - FTP server's port 21 to ports > 1024 (Server responds to client's control port) - FTP server's ports > 1024 from anywhere (Client initiates data connection to

Hi, I have an DNAT ISSUE with PREROUTING. This is my setup. I have 2 firewalls running iptables. Pls asume 1.2.3.4/29 is the internet interace of FIRST firewall. 2.3.4.5/29 is the internet interface of SECOND firewall. it has DMZ zone. in that DMZ zone, mail server runnig @ 192.168.100.3 Now I want to DNAT port 25 of FISRT firewall (i.e - its ip address - 1.2.3.4/29) to the internet ip

Hi, I want to block Yahoo Messenger, MSN messanger and Kazza with IPTABLES as my local network users always go there. How Can I do it? I am not runnig iptables as a script nor have I put anything in my rc.local. But instaed, I input the commands and save it by using the below cmmand /etc/init.d/iptables save and I restart it /etc/init.d/iptables restart My box runs on Cent OS 4.4. Help

Hi all, I want to run vsftp behind a firewall.(i.e DMZ zone) . It is runnig as passive ftp. the theroy behind passive ftp is , - FTP server''s port 21 from anywhere (Client initiates connection) - FTP server''s port 21 to ports > 1024 (Server responds to client''s control port) - FTP server''s ports > 1024 from anywhere (Client initiates data

Hi, I want to install dcc on CentOS 4.4 as I am ruunig Dual-Sendmail with amavisd-new. I am looking for DCC RPM pkg. I searchrd bit I could not find any RPM pkg. Pls help me to find DCC RPM pkg. Have you installed DCC on CentOS 4.4. then Pls guide me. -- Thank you Indunil Jayasooriya -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi, We have a 256 kbits/s (kilobits per second) link to the internet. it is a router running Linux that belongs to our ISP. They have given us 8 internet ips. (i.e- subnet is 255.255.255.248). one has been given to this router. I have given another internet ip to the firewall running CentOS 4.5. iptables is running on it. And also, I have installed iproute2 pkg as well. pls see below for

Hello everybody. I''m running linux 2.6.19 with nth match to alternatively snat outgoing connections to two different ip addresses for load balancing between two adsl lines: Here is: $IPTABLES -t nat -A POSTROUTING -s my_ip --protocol tcp -m multiport --dports 80,443 -m statistic --mode nth --every 2 -j SNAT --to adslA $IPTABLES -t nat -A POSTROUTING -s my_ip --protocol tcp -m multiport

Hi , I am ruuning Senmail with MailScanner on CentOS 4.4. It has updated to kernel 2.6.9-42.0.8.EL from its past kernel 2.6.9-42.0.3.EL. Now the Server can not boot up and gives the below error. mkrootdev: label / not found Mounting root filesystem mount: error 2 mouting ext3 switchroot: mount failed: 22 Kernel panic - not syncing: Attempted to kill init! But I can boot up from its

Hi, I am running squid as a TRANSEPARENT PROXY WITH SQUID 2.5 on CENTOS 4.5. Pls see below for squid.con file. http_port 3128 cache_mem 64 MB cache_dir ufs /var/spool/squid 100 16 256 cache_access_log /var/log/squid/access.log cache_log /var/log/squid/cache.log cache_store_log /var/log/squid/store.log # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS # Example rule

Hi all, I installed cups and samba on redhat 9. Printer has been attached to the linux box . We can print from the linux box. We can print from windows clients too. But My problem is that when we print from windows, printer starts printing. But I want to set them in the queue instead. Then I want to go to cups web interface and release jobs. How can I do it? This is urgent. Pls let me know as

Hi all, I would like to know has RedHat EL 5 been already released or is it still under beta version? When will CENT OS 5 be available to the world? -- Thank you Indunil Jayasooriya -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20070330/001cc6a7/attachment.html>

Hi iproute2, I have a network to reach which is 192.168.2.0/24. It is a branch of the company. I have currently added a route to that network via one gateway ( 192.168.0.254) in following way. ip route add 192.168.2.0/24 via 192.168.0.254 Now, We got another gateway which is 192.168.0.250. Now I want to add a route to the same network which is 192.168.2.0/24 via this gateway ( 192.168.0.250)

Hi all, I am lookng for a truble ticket to install on my Cents os 4.4 server. RPM is always prefferd. Souce is also welcome. Have you done somethink like this before? What are the packages that you recomend for me. -- Thank you Indunil Jayasooriya -------------- next part -------------- An HTML attachment was scrubbed... URL:

Hi, I tried to mount an audio cdrom to listen to its music. But It gives the below error. why is that ? -- [root at worldnet ~]# mount /dev/hdc /media/cdrom/ /dev/hdc: Input/output error mount: block device /dev/hdc is write-protected, mounting read-only /dev/hdc: Input/output error mount: /dev/hdc: can't read superblock [root at worldnet ~]# Thank you Indunil Jayasooriya -- Thank