Displaying 20 results from an estimated 5000 matches similar to: "Several IP''s, one mail and http server"
2007 Sep 25
7
DNAT PREROUTING issue with IPTABLES
Hi,
I have an DNAT ISSUE with PREROUTING.
This is my setup.
I have 2 firewalls running iptables.
Pls asume 1.2.3.4/29 is the internet interace of FIRST firewall.
2.3.4.5/29 is the internet interface of SECOND firewall. it has DMZ zone. in
that DMZ zone, mail server runnig @ 192.168.100.3
Now I want to DNAT port 25 of FISRT firewall ( i.e - its ip address -
1.2.3.4/29) to the internet ip
2005 Nov 13
9
MSN keeps disconnecting with load balancing
Hi,
I have the my gateway with load balancing traffic going out over two
providers. Web browsing is fine...working great.
But, my clients (office staff) complains that MSN keeps disconnecting
(in 5 mins). Why?
Please help me...
Regards,
ro0ot
2005 Dec 07
3
Network Routing
Hi,
I have a linux router with 4 ethernet cards; eth0 through eth3. Basically,
all I want to do is route all traffic from eth2 to eth0, and all traffic
from eth1 to eth3.
I''ve looked through the LARTC how-to, specifically at chapter 4, about
multiple providers. However, I am still a bit confused, and not sure how to
set up my routing tables, as my scenario differs from the one in the
2007 Sep 19
1
major packet loss with htb
Hi,
got a 25/25Mbit connection which is quite stuffed. So I applied htb rules.
Uplink:
class htb 1:1 root rate 24500Kbit ceil 24500Kbit burst 4661b/8 mpu 0b
overhead 0b cburst 4661b/8 mpu 0b overhead 0b level 7
Sent 430600689269 bytes 730147320 pkt (dropped 0, overlimits 0 requeues 0)
rate 23057Kbit 5520pps backlog 0b 0p requeues 0
lended: 199673949 borrowed: 0 giants: 0
tokens: -964
2007 Oct 29
6
Fair que between 255 users
Hello guys
I have a subnet with 255 users, which need to share 1 single slow internet
connection, so i would like to implement a kind of *fair queuing *on the
UPLOAD between them, which means that they all share the connection
equally..
The tools that i have available is: A linux box with IPROUTE2,HTB and TC..
I have looked at some examples, and my first idea was to make 255 entries in
2006 Jan 02
4
RE: Fwd: Several IP''s, one mail and http server
You want multiple IP Addresses for email if you are hosting more than
one domain. The reason is, everyone now checks for reverse DNS with
email so you need a different public IP Address for each email domain.
This way, all the reverse DNS translations will be unique.
For apache, you can have multiple websites sharing the same IP Address
as long as you don''t do anything with SSL. SSL
2007 Oct 30
1
custom route for forwarded traffic
Hi,
I have two networks, users and servers connected via vpn (ipsec). Both
internal networks. The routing is fine and connections work both ways.
Accordingly both networks have a firewall each which faces the internet
and they create the vpn link between each other. Both firewalls have
only one external IP (if they had more, I wouldn''t be asking).
The servers network''s
2005 Oct 26
4
multipath routing
Hi, I am tring to us ip route to load balance between two interfaces.
ip route add equalize 10.200.1.0/24 nexthop via 10.200.0.2 dev neta nexthop via 10.200.0.2 dev neta2
Where neta and neta2 are gre tunnels. Testing show that packets travel in a single sided manner.
Do I need to use the multipath (IP_ROUTE_MULTIPATH_CACHED) module?
thx jason
2005 Dec 31
2
Routing multiple conntections to the same ISP
Hi,
I have established two connections to the same ISP. After that ip route list
showed this:
195.14.247.94 dev ppp0 proto kernel scope link src 81.173.141.207
195.14.247.94 dev ppp1 proto kernel scope link src 81.173.237.84
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.1
default via 195.14.247.94 dev ppp0
I want 192.168.0.2 to connect to the internet by ppp1 and all
2007 Oct 06
7
ipp2p segmentation fault
Hi all.
On Sep 26th I decided to try and get ipp2p working on my machine that acts as a gateway for my Internet connection.
This machine is running Debian.
I performed the install by doing the following steps:
- I installed the Debian package called linux-source-2.6.22 for my Linux kernel source and unpacked the resulting tar.bz2 file.
- From the netfilter.org site I downloaded the following
2004 Aug 10
11
who gives access? was: why ADD_DNAT_ALIASES missing?
hi,
there was some email problems and i repeat my question too fast, but
this is the second part of my questions.
- only the rules and policy files give access right? ie. rules in the
FORWARD chain of the filter table in iptables ?
- is a line in masq file automaticaly add an accept rule too? eg. in
msaq file
eth0 <internal ip>
allow connection from <internal ip> (local zona) to the
2004 Sep 30
2
2 DSL link, DNAT & SNAT
Sorry for the long descritpion of the problem, I''d like to know If I
misunderstand something or if I meet an intrinsic limit of my setup.
217.58.51.162 HDSL eth1 - SRV_XP: 192.168.254.10
eth0: 192.168.254.1 -----+------------------+-------
81.121.243.250 ADSL eth3 -
I want to allow incoming pptp request (port 1723) to be forwarded to
srv_xp
2010 May 08
3
setup firewall with 3 nic cards
I am trying to setup some rules on a box with 3 nic cards. Two internet
connections and one office connection.
eth0 is office
eth1 is internet T1
eth2 is internet Cable
when I do "iptables -F" then iptables -L everything is gone as it should be.
Then I do
iptables -t nat -A PREROUTING -p tcp -d $MYIP --dport 6550 -j DNAT --to
$INTERNAL_ADDRESS:6550
iptables -t nat -A POSTROUTING -d
2005 Jun 24
1
SNAT multiple IP to single internal IP and limiting access based on external IP
Hello all,
I have shorewall setup with 3 SNAT entries for external IP address''s to
a single IP internal address. I am wondering how to limit access based
on the source IP address.
ex.
EXT IP 1 access only to port 25
EXT IP 2 access only to port 443
EXT IP 3 access only to port 80
I have the SNAT setup correctly and I have 3 accept line in the rules
file (25,80,443) but I can hit
2005 Jun 26
1
Re: Shorewall-users Digest, Vol 31, Issue 48
On Friday 24 June 2005 20:57, Derek Vincent wrote:
>>Hello all,
>>
>>I have shorewall setup with 3 SNAT entries for external IP address''s to
>>a single IP internal address. I am wondering how to limit access based
>>on the source IP address.
>>ex.
>> EXT IP 1 access only to port 25
>> EXT IP 2 access only to port 443
>> EXT IP 3
2005 May 31
2
DNAT "without" SNAT?
Hi!
First of all, let me say a big "thank you" to Tom for creating
shorewall. I''ve been using it for a few months now and it''s such a
relief to not have to resort to OpenBSD''s pf (which is so much more sane
than Linux'' iptables madness) for the most basic firewalling tasks.
I have a question that I didn''t seem to be able to find in the FAQ.
2004 Nov 15
3
source policy routing going to wrong path
Hi,
Below is my Linux firewall network configuration: -
eth0 - isp 1, IP: 1.1.1.10, Netmask: 255.255.255.252
eth1 - isp 2, IP: 2.2.2.10, Netmask: 255.255.255.252
eth2 - lan, IP: 172.16.0.254, Netmask: 255.255.255.0
eth3 - dmz, 192.168.0.254, Netmask: 255.255.255.0
isp 1 gateway: 1.1.1.9
isp 2 gateway: 2.2.2.9
Below is my iptables rules: -
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables
2006 Aug 03
28
[Bug 498] RTP packets are not hitting NAT table
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=498
cfilin@intermedia.net changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |chip@innovates.com
--
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are
2008 Dec 04
4
iptables questionson CentOS
Hi,
I know these are a few iptbales questions. NOT CentOS, anyway, I am
running a firewall on centos 5.x.
If you can response, it would be fine.
I want to add a SNAT rule for one user in LAN to access one particular
destination on the internet.
Let's say www.centos.org
I added the below rule. But . it does NOT work
Pls assume 1.2.3.4 is the real ip of the firewall.
ip address
2020 Feb 27
9
[Bug 1410] New: STATELESS, rules with notrack into a map
https://bugzilla.netfilter.org/show_bug.cgi?id=1410
Bug ID: 1410
Summary: STATELESS, rules with notrack into a map
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: nft
Assignee: pablo at