ryceck Apprentice
Joined: 13 Jan 2004 Posts: 195
Posted: Fri Jul 16, 2004 6:25 pm Post subject: [iptables] cannot get from router to network (solved)
I have configured my gentoo-server with iptables to make it a firewall and NAT router, which works perfectly. All the clients can get to the internet without a problem, and externally the necessary ports are opened for administrative use. But I can't get from my router to the internal network.
Code:
Chain INPUT (policy DROP 103 packets, 27729 bytes)
pkts bytes target prot opt in out source destination
210K 54M ACCEPT all -- eth1 any anywhere anywhere state RELATED,ESTABLISHED
27798 2340K ACCEPT tcp -- any any anywhere anywhere tcp dpt:ssh
122 8054 ACCEPT udp -- eth1 any anywhere anywhere udp dpt:domain
3 180 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:domain
3 180 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:https
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:3389
3 180 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:imaps
294 16772 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:www
10043 3765K ACCEPT all -- lo any anywhere anywhere
168 21406 ACCEPT tcp -- eth0 any anywhere anywhere tcp dpt:www
265 24782 ACCEPT tcp -- eth0 any anywhere anywhere tcp dpt:imaps
39 5000 ACCEPT tcp -- eth0 any anywhere anywhere tcp dpt:smtp
11 660 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:smtp
19 981 ACCEPT tcp -- eth0 any anywhere anywhere tcp dpt:domain
544 35453 ACCEPT udp -- eth0 any anywhere anywhere udp dpt:domain
5 264 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:pop3
228K 322M ACCEPT tcp -- eth0 any anywhere anywhere tcp dpt:3632
9 432 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:6881
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:6882
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:6883
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:6884
0 0 ACCEPT tcp -- eth1 any anywhere anywhere tcp dpt:6885
2 120 ACCEPT icmp -- eth1 any anywhere anywhere
5 420 ACCEPT icmp -- eth0 any anywhere anywhere
Chain FORWARD (policy ACCEPT 3554 packets, 194K bytes)
pkts bytes target prot opt in out source destination
3972K 1590M ACCEPT all -- eth0 eth1 anywhere anywhere
5428K 6015M ACCEPT all -- eth1 eth0 anywhere anywhere state RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT 1065K packets, 578M bytes)
pkts bytes target prot opt in out source destination
10 1258 ACCEPT all -- any eth0 anywhere anywhere
The last OUTPUT line is not necessary but I thought the problem was there.
When I set the policy on INPUT to ACCEPT it works... but when it is set to DROP I can't connect to ssh or anything else on a machine in my local network.
What can cause this problem, and more importantly, which iptables rule am I missing...?
[edit]
ME n00b u 1337..... I suddenly saw it:
Code:
iptables -A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
Of course this solves the problem: the related ports of established connections are let through, which is kinda needed when you set up telnet or something like that.
Sorry for the inconvenience
[/edit]
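To show why the missing rule mattered, here is an added example (not from the post) that models how the INPUT chain above is evaluated: first matching rule wins, otherwise the chain policy applies. The rule subset, the packet fields and the ephemeral ports are assumptions for illustration; only RELATED,ESTABLISHED on eth1 is accepted before the fix, so a reply from a LAN host to a connection the router itself opened falls through to the DROP policy.

```python
# Added example: a minimal model of netfilter INPUT evaluation for the rules
# in the post (interface, protocol, dport and conntrack state matching).
# Rule subset and packet values are assumptions; this is not iptables code.

ORIGINAL_INPUT = [
    # None means "any" (the iptables wildcard); every rule targets ACCEPT
    {"in": "eth1", "proto": None, "dport": None, "states": {"RELATED", "ESTABLISHED"}},
    {"in": None, "proto": "tcp", "dport": 22, "states": None},   # tcp dpt:ssh, any iface
    {"in": "lo", "proto": None, "dport": None, "states": None},
    {"in": "eth0", "proto": "tcp", "dport": 80, "states": None},  # tcp dpt:www on LAN
]
# The rule the poster added: replies on the LAN side must be accepted by state too.
FIXED_INPUT = [{"in": "eth0", "proto": None, "dport": None,
                "states": {"RELATED", "ESTABLISHED"}}] + ORIGINAL_INPUT

def matches(rule, pkt):
    """True if every non-wildcard field of the rule matches the packet."""
    if rule["in"] is not None and rule["in"] != pkt["in"]:
        return False
    if rule["proto"] is not None and rule["proto"] != pkt["proto"]:
        return False
    if rule["dport"] is not None and rule["dport"] != pkt["dport"]:
        return False
    if rule["states"] is not None and pkt["state"] not in rule["states"]:
        return False
    return True

def input_verdict(chain, pkt, policy="DROP"):
    """First matching rule ACCEPTs; otherwise the chain policy decides."""
    for rule in chain:
        if matches(rule, pkt):
            return "ACCEPT"
    return policy

# Constructed packets. The router opened ssh to a LAN host (OUTPUT policy is
# ACCEPT), so the reply is ESTABLISHED, arrives on eth0 and is addressed to the
# router's ephemeral source port, not to port 22, so the dpt:ssh rule never matches.
SSH_REPLY_FROM_LAN = {"in": "eth0", "proto": "tcp", "dport": 51234, "state": "ESTABLISHED"}
# An unsolicited SYN from the LAN to a port the router does not publish.
NEW_SYN_FROM_LAN = {"in": "eth0", "proto": "tcp", "dport": 2222, "state": "NEW"}
# A reply to an Internet-bound connection already matched the eth1 state rule.
REPLY_FROM_WAN = {"in": "eth1", "proto": "tcp", "dport": 40000, "state": "ESTABLISHED"}

if __name__ == "__main__":
    for name, pkt in [("ssh reply from LAN", SSH_REPLY_FROM_LAN),
                      ("new SYN from LAN", NEW_SYN_FROM_LAN),
                      ("reply from WAN", REPLY_FROM_WAN)]:
        print(f"{name:20} original={input_verdict(ORIGINAL_INPUT, pkt):6} "
              f"fixed={input_verdict(FIXED_INPUT, pkt)}")
```

The unsolicited NEW packet from the LAN is still dropped after the fix, so the added state rule only admits traffic belonging to connections the router (or its tracked sessions) already opened.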