similar to: Several IP''s, one mail and http server

Hi, I have an DNAT ISSUE with PREROUTING. This is my setup. I have 2 firewalls running iptables. Pls asume 1.2.3.4/29 is the internet interace of FIRST firewall. 2.3.4.5/29 is the internet interface of SECOND firewall. it has DMZ zone. in that DMZ zone, mail server runnig @ 192.168.100.3 Now I want to DNAT port 25 of FISRT firewall ( i.e - its ip address - 1.2.3.4/29) to the internet ip

Hi, I have the my gateway with load balancing traffic going out over two providers. Web browsing is fine...working great. But, my clients (office staff) complains that MSN keeps disconnecting (in 5 mins). Why? Please help me... Regards, ro0ot

Hi, I have a linux router with 4 ethernet cards; eth0 through eth3. Basically, all I want to do is route all traffic from eth2 to eth0, and all traffic from eth1 to eth3. I''ve looked through the LARTC how-to, specifically at chapter 4, about multiple providers. However, I am still a bit confused, and not sure how to set up my routing tables, as my scenario differs from the one in the

Hi, got a 25/25Mbit connection which is quite stuffed. So I applied htb rules. Uplink: class htb 1:1 root rate 24500Kbit ceil 24500Kbit burst 4661b/8 mpu 0b overhead 0b cburst 4661b/8 mpu 0b overhead 0b level 7 Sent 430600689269 bytes 730147320 pkt (dropped 0, overlimits 0 requeues 0) rate 23057Kbit 5520pps backlog 0b 0p requeues 0 lended: 199673949 borrowed: 0 giants: 0 tokens: -964

Hello guys I have a subnet with 255 users, which need to share 1 single slow internet connection, so i would like to implement a kind of *fair queuing *on the UPLOAD between them, which means that they all share the connection equally.. The tools that i have available is: A linux box with IPROUTE2,HTB and TC.. I have looked at some examples, and my first idea was to make 255 entries in

You want multiple IP Addresses for email if you are hosting more than one domain. The reason is, everyone now checks for reverse DNS with email so you need a different public IP Address for each email domain. This way, all the reverse DNS translations will be unique. For apache, you can have multiple websites sharing the same IP Address as long as you don''t do anything with SSL. SSL

Hi, I have two networks, users and servers connected via vpn (ipsec). Both internal networks. The routing is fine and connections work both ways. Accordingly both networks have a firewall each which faces the internet and they create the vpn link between each other. Both firewalls have only one external IP (if they had more, I wouldn''t be asking). The servers network''s

Hi, I am tring to us ip route to load balance between two interfaces. ip route add equalize 10.200.1.0/24 nexthop via 10.200.0.2 dev neta nexthop via 10.200.0.2 dev neta2 Where neta and neta2 are gre tunnels. Testing show that packets travel in a single sided manner. Do I need to use the multipath (IP_ROUTE_MULTIPATH_CACHED) module? thx jason

Hi, I have established two connections to the same ISP. After that ip route list showed this: 195.14.247.94 dev ppp0 proto kernel scope link src 81.173.141.207 195.14.247.94 dev ppp1 proto kernel scope link src 81.173.237.84 192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.1 default via 195.14.247.94 dev ppp0 I want 192.168.0.2 to connect to the internet by ppp1 and all

Hi all. On Sep 26th I decided to try and get ipp2p working on my machine that acts as a gateway for my Internet connection. This machine is running Debian. I performed the install by doing the following steps: - I installed the Debian package called linux-source-2.6.22 for my Linux kernel source and unpacked the resulting tar.bz2 file. - From the netfilter.org site I downloaded the following

hi, there was some email problems and i repeat my question too fast, but this is the second part of my questions. - only the rules and policy files give access right? ie. rules in the FORWARD chain of the filter table in iptables ? - is a line in masq file automaticaly add an accept rule too? eg. in msaq file eth0 <internal ip> allow connection from <internal ip> (local zona) to the

Sorry for the long descritpion of the problem, I''d like to know If I misunderstand something or if I meet an intrinsic limit of my setup. 217.58.51.162 HDSL eth1 - SRV_XP: 192.168.254.10 eth0: 192.168.254.1 -----+------------------+------- 81.121.243.250 ADSL eth3 - I want to allow incoming pptp request (port 1723) to be forwarded to srv_xp

I am trying to setup some rules on a box with 3 nic cards. Two internet connections and one office connection. eth0 is office eth1 is internet T1 eth2 is internet Cable when I do "iptables -F" then iptables -L everything is gone as it should be. Then I do iptables -t nat -A PREROUTING -p tcp -d $MYIP --dport 6550 -j DNAT --to $INTERNAL_ADDRESS:6550 iptables -t nat -A POSTROUTING -d

Hello all, I have shorewall setup with 3 SNAT entries for external IP address''s to a single IP internal address. I am wondering how to limit access based on the source IP address. ex. EXT IP 1 access only to port 25 EXT IP 2 access only to port 443 EXT IP 3 access only to port 80 I have the SNAT setup correctly and I have 3 accept line in the rules file (25,80,443) but I can hit

On Friday 24 June 2005 20:57, Derek Vincent wrote: >>Hello all, >> >>I have shorewall setup with 3 SNAT entries for external IP address''s to >>a single IP internal address. I am wondering how to limit access based >>on the source IP address. >>ex. >> EXT IP 1 access only to port 25 >> EXT IP 2 access only to port 443 >> EXT IP 3

Hi! First of all, let me say a big "thank you" to Tom for creating shorewall. I''ve been using it for a few months now and it''s such a relief to not have to resort to OpenBSD''s pf (which is so much more sane than Linux'' iptables madness) for the most basic firewalling tasks. I have a question that I didn''t seem to be able to find in the FAQ.

Hi, Below is my Linux firewall network configuration: - eth0 - isp 1, IP: 1.1.1.10, Netmask: 255.255.255.252 eth1 - isp 2, IP: 2.2.2.10, Netmask: 255.255.255.252 eth2 - lan, IP: 172.16.0.254, Netmask: 255.255.255.0 eth3 - dmz, 192.168.0.254, Netmask: 255.255.255.0 isp 1 gateway: 1.1.1.9 isp 2 gateway: 2.2.2.9 Below is my iptables rules: - echo 1 > /proc/sys/net/ipv4/ip_forward iptables

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=498 cfilin@intermedia.net changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |chip@innovates.com -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are

Hi, I know these are a few iptbales questions. NOT CentOS, anyway, I am running a firewall on centos 5.x. If you can response, it would be fine. I want to add a SNAT rule for one user in LAN to access one particular destination on the internet. Let's say www.centos.org I added the below rule. But . it does NOT work Pls assume 1.2.3.4 is the real ip of the firewall. ip address

https://bugzilla.netfilter.org/show_bug.cgi?id=1410 Bug ID: 1410 Summary: STATELESS, rules with notrack into a map Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: enhancement Priority: P5 Component: nft Assignee: pablo at