- tim
- Sunday, September 16th, 2012 at 6:39:02pm UTC
- Welcome to Ubuntu 12.04.1 LTS (GNU/Linux 3.2.0-29-generic-pae i686)
- * Documentation: https://help.ubuntu.com/
- System information as of Sun Sep 16 18:05:39 SAST 2012
- System load: 0.12 Processes: 63
- Usage of /: 2.9% of 72.97GB Users logged in: 0
- Memory usage: 1% IP address for eth0: 192.168.0.15
- Swap usage: 0% IP address for eth1: 172.168.2.1
- Graph this data and manage this system at https://landscape.canonical.com
- [email protected]:~# cat /etc/network/interfaces
- auto lo
- iface lo inet loopback
- auto eth0
- iface eth0 inet static
- address 192.168.0.15
- netmask 255.255.255.0
- gateway 192.168.0.1
- dns-nameservers 196.28.182.20 196.28.75.220
- pre-up /sbin/iptables-restore < /etc/iptables.rules
- auto eth1
- iface eth1 inet static
- address 172.168.2.1
- netmask 255.255.255.0
- [email protected]:~# cat/etc/iptables.rules
- -su: cat/etc/iptables.rules: No such file or directory
- [email protected]:~# cat /etc/iptables.rules
- *filter
- :INPUT DROP [0:0]
- :FORWARD ACCEPT [4038487:3114149919]
- :OUTPUT ACCEPT [161741:31953053]
- -A INPUT -i lo -j ACCEPT
- -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
- -A INPUT -p tcp -m tcp --dport 2124 -j ACCEPT
- -A INPUT -s 172.168.2.0/255.255.255.0 -j ACCEPT
- -A INPUT -j DROP
- COMMIT
- *nat
- :PREROUTING ACCEPT [57491:5055636]
- :POSTROUTING ACCEPT [4975:340111]
- :OUTPUT ACCEPT [4729:328699]
- -A PREROUTING -i eth0 -p tcp -m tcp --dport 3389 -j DNAT --to-destination 172.168.2.120
- -A PREROUTING -i eth0 -p tcp -m tcp --dport 3388 -j DNAT --to-destination 172.168.2.121
- -A POSTROUTING -d 172.168.2.120 -p tcp -m tcp --dport 3389 -j SNAT --to-source 192.168.0.15
- -A POSTROUTING -d 172.168.2.121 -p tcp -m tcp --dport 3388 -j SNAT --to-source 192.168.0.15
- -A POSTROUTING -s 172.168.2.0/24 -p tcp -m tcp -m multiport --dports 25,53,143,995,587,443,465,2124 -j SNAT --to-source 192.168.0.15
- -A POSTROUTING -s 172.168.2.0/24 -p udp -m udp -m multiport --dports 53,123 -j SNAT --to-source 192.168.0.15
- COMMIT
- [email protected]:~# iptables -L
- Chain INPUT (policy DROP)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere
- ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
- ACCEPT tcp -- anywhere anywhere tcp dpt:2124
- ACCEPT all -- ACA80200.ipt.aol.com/24 anywhere
- DROP all -- anywhere anywhere
- Chain FORWARD (policy ACCEPT)
- target prot opt source destination
- Chain OUTPUT (policy ACCEPT)
- target prot opt source destination
- [email protected]:~# iptables -L -v
- Chain INPUT (policy DROP 0 packets, 0 bytes)
- pkts bytes target prot opt in out source destination
- 0 0 ACCEPT all -- lo any anywhere anywhere
- 252 20422 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
- 3 148 ACCEPT tcp -- any any anywhere anywhere tcp dpt:2124
- 4 336 ACCEPT all -- any any ACA80200.ipt.aol.com/24 anywhere
- 33 10824 DROP all -- any any anywhere anywhere
- Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
- pkts bytes target prot opt in out source destination
- Chain OUTPUT (policy ACCEPT 194 packets, 24105 bytes)
- pkts bytes target prot opt in out source destination