similar to: mark bag packets - iptables

Hi, I am setting up a firewall on CENTOS 4.4. I have done default block iptables -P INPUT DROP iptables -P FORWARD DROP iptables -P OUTPUT DROP I have enabled ICMP to www.google.com iptables -A OUTPUT -p icmp -d 64.233.189.104 -j ACCEPT iptables -A INPUT -p icmp -s 64.233.189.104 -j ACCEPT Ping works fine as below [root at firebox rc.d]# ping 64.233.189.104 PING 64.233.189.104 (

On Mon, June 25, 2007 08:00, centos-request at centos.org wrote: > Send CentOS mailing list submissions to > centos at centos.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.centos.org/mailman/listinfo/centos > or, via email, send a message with subject or body 'help' to > centos-request at centos.org > > You can reach the

Hi all, That issue is over now. I found why my ESTABLISHED,RELATED rule at the top of INPUT chain did not work for udp and icmp. The reason was I have included the protocol as tcp as below iptables -A INPUT -i eth0 -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT I removed -p tcp from above rule. Now it works for all protocols. Thanks for your support. ---------- Forwarded message

Hey Marek, I´know that i must to works whith the INGRESS (instead of EGRESS), i´ve well formed my kernel. My others TC rules for source IP address (not for MAC address) does work fine...!!!, the problem is whith the MAC because is a not "IP PROTOCOL" and for that i must to use the "u32/u16 match" to solve it, and if i make an analogy from my others INGRESS rules applied to Src

Hi, I want to block Yahoo Messenger, MSN messanger and Kazza with IPTABLES as my local network users always go there. How Can I do it? I am not runnig iptables as a script nor have I put anything in my rc.local. But instaed, I input the commands and save it by using the below cmmand /etc/init.d/iptables save and I restart it /etc/init.d/iptables restart My box runs on Cent OS 4.4. Help

Hi, I have an DNAT ISSUE with PREROUTING. This is my setup. I have 2 firewalls running iptables. Pls asume 1.2.3.4/29 is the internet interace of FIRST firewall. 2.3.4.5/29 is the internet interface of SECOND firewall. it has DMZ zone. in that DMZ zone, mail server runnig @ 192.168.100.3 Now I want to DNAT port 25 of FISRT firewall (i.e - its ip address - 1.2.3.4/29) to the internet ip

Maybe this don't to be the best form to solve your problem, but worked,rs. #!/bin/bash #power by Diego Rodrigues totalFileOne=$(wc -l file1 | cut -d" " -f1) totalFileTwo=$(wc -l file2 | cut -d" " -f1) count=0 if [ ! "${totalFileOne}" -eq "${totalFileTwo}" ];then echo "The two files need of same number of lines" exit 1 fi for

Hi, I tried to mount an audio cdrom to listen to its music. But It gives the below error. why is that ? -- [root at worldnet ~]# mount /dev/hdc /media/cdrom/ /dev/hdc: Input/output error mount: block device /dev/hdc is write-protected, mounting read-only /dev/hdc: Input/output error mount: /dev/hdc: can't read superblock [root at worldnet ~]# Thank you Indunil Jayasooriya -- Thank

Thanks . SOLVED. ---------- Forwarded message ---------- From: Akemi Yagi <amyagi at gmail.com> Date: Jun 29, 2007 10:51 AM Subject: Re: [CentOS] where is smbmount on centOS 5 To: CentOS mailing list < centos at centos.org> On 6/28/07, Indunil Jayasooriya <indunil75 at gmail.com> wrote: > Hi, > > I am searching smbmount command on centOS 5. > > On, CENTOS 4.4,

I disabled selinux On 2/23/07, Miguel Angel Amador L <jokercl at gmail.com> wrote: > > On 2/23/07, Indunil Jayasooriya <indunil75 at gmail.com> wrote: > > Hi, > > > > I installed openwebmail on centOS 4.4 using tarballs > > > > CGI.pm-3.05.tar.gz > > MIME-Base64-3.01.tar.gz > > libnet-1.19.tar.gz > > Text-Iconv-1.2.tar.gz >

Hi, I know these are a few iptbales questions. NOT CentOS, anyway, I am running a firewall on centos 5.x. If you can response, it would be fine. I want to add a SNAT rule for one user in LAN to access one particular destination on the internet. Let's say www.centos.org I added the below rule. But . it does NOT work Pls assume 1.2.3.4 is the real ip of the firewall. ip address

Hi all, I would like to know has RedHat EL 5 been already released or is it still under beta version? When will CENT OS 5 be available to the world? -- Thank you Indunil Jayasooriya -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20070330/001cc6a7/attachment.html>

Hi , Help is needed to restore mysql data This is the the setup. 2 Servers running on CentOS. one server has both apache an mysql. the other server only has mysql database. This server has about 12000 records in the database. Last week, It had about 6000 records. then, Someone has backed up these 6000 records to the web server. Now , We need to backup all 12000 records to the webserver.

There's probably a better way using join, but this should do the trick: paste <(cat file1 | tr "\n" ' ') <(cat file2 | tr "\n" " ") On Tue, 07 Jun 2016 12:19:14 +0000 Diego <diegofull at gmail.com> wrote: > Maybe this don't to be the best form to solve your problem, but worked,rs. > > #!/bin/bash > #power by Diego Rodrigues

I am having below 3 rules for Logging with iptables . They are INPUT,FORWARD and OUTPUT chains. #Log INPUT chain iptables -A INPUT -j LOG --log-level 7 --log-prefix "INPUT: " #Log FORWARD chain iptables -A FORWARD -j LOG --log-level 7 --log-prefix "FORWARD: " #Log OUTPUT chain iptables -A OUTPUT -j LOG --log-level 7 --log-prefix "OUTPUT: " In addition to that, I

Hi All, I am running CentOS5 . Yum pkg was installed by deault fresh installation. pls see below for installed yum pkgs. [root at mailgw ~]# rpm -qa |grep yum yum-updatesd-3.0.5-1.el5.centos.2 yum-3.0.5-1.el5.centos.2 later, I installed below pkg for protection. yum-protectbase-1.0.4-2.el5.centos Now, everything works. But, in this vershion of yum, It has no crontab running. It has a file

-------- Original Message -------- Subject: Re: [LARTC] DNAT rule for vsftp (PASSIVE FTP) Date: Fri, 05 Oct 2007 12:17:42 +0530 From: Mohan Sundaram <smohan@vsnl.com> Reply-To: smohan@vsnl.com To: Indunil Jayasooriya <indunil75@gmail.com> References: <7ed6b0aa0710042251u6442fb85ma74e46aa9d3f81f9@mail.gmail.com> Indunil Jayasooriya wrote: > Hi all, > > I want to run

Hi All, Thanks eveyone. I had a fresh installation. My box behind the firewall. it has a private ip. So irst o all, I setup DNS on that box and add that ip ( 192.168.101.38) to /etc/resolve.conf. the below URL helped me. http://wiki.zimbra.com/index.php?title=Beginner%27s_Guide_to_installing_Zimbra_on_Ubuntu_6.06_Server Then, ran Zimbra. It went all the way long successully. So I now have

Hi, I am searching smbmount command on centOS 5. On, CENTOS 4.4, I used it as follows to backup data to a window PC. I want to do it on CentOS 5 now. mount -t smbfs -o ip=192.168.5.225,username=mailbackup,password=secret //server/mail_backups /mnt/maildaily I can not issue such command on centos 5. When I try , It gives below error. [root at mail ~]# mount -t smbfs -o

Hi Paolo Malfatti, Thanks for your script. It works fine. I get what I expect. THANK you all the way until it comes to an end. FOR the benifit for evryone in the LIST. HERE IS the SCRIPT AGAIN. INTERFAZ_LAN=eth0 FULLBANDWIDTH=256 BANDWIDTH4LAN=64 tc qdisc del root dev $INTERFAZ_LAN tc qdisc add dev $INTERFAZ_LAN root handle 1 htb r2q 4 tc class add dev $INTERFAZ_LAN parent 1: classid 1:2