Messages - simon_b

#46
Users / Re: firewall/port forwarding issue (??)
April 14, 2008, 08:45:21 AM
Quote from: nswint on April 12, 2008, 10:48:47 PM
I was unable to get it to work after much tweaking.  I would suggest to the developers to check out the webmin linux firewall module page and consider rewriting the firewall portion adding remote assistance in the mix, denying everything that is not explicitly  added.


http://doxfer.com/Webmin/LinuxFirewall


So, @nswint, your port forwarding works with this "Doxfer-Webmin" upgrade...or whatever it is...??
#47
Users / Re: firewall/port forwarding issue (??)
April 02, 2008, 09:10:24 AM
is there anyone, that has a working port forwarding??? anyone???
#48
Quote from: Zaerc on March 31, 2008, 10:48:22 PM
Does that board by any chance have 2 NICS?

yes, it has....

EDIT: sorry for disturbing - i disabled the 10/100mbit interface, now "we announced ourselves to the router"!!!  ;D ;D
#49
Ok!

I received my NEW VIA EPIA 18000G today...

I "threw away" my "old" via epia 6000 ML, and went to my bedroom, all happy to try my new toy...

and then...

at boot sequence it starts looping/repeating the following text:
****************
IP-Config: eth0 complete (from 192.168.80.1):
  address: 192.168.80.252  broadcast: 192.168.80.255
  getaway: 192.168.80.1  dns0 : 192.168.80.1
  rootserver: 192.168.80.1 rootpath:
  filename : /tftpboot/pxelinux.0
IP-Config: eth0 complete (from 192.168.80.1):
  address: 192.168.80.252  broadcast: 192.168.80.255
  getaway: 192.168.80.1  dns0 : 192.168.80.1
  rootserver: 192.168.80.1 rootpath:
  filename : /tftpboot/pxelinux.0
IP-Config: eth0 complete (from 192.168.80.1):
  address: 192.168.80.252  broadcast: 192.168.80.255
  getaway: 192.168.80.1  dns0 : 192.168.80.1
  rootserver: 192.168.80.1 rootpath:
  filename : /tftpboot/pxelinux.0
....
********************

no end to see...

the file pxelinux.0 is there...

?!?!?!?
>:( >:( >:( >:( >:( >:( >:(

#50
Users / Re: firewall/port forwarding issue (??)
March 31, 2008, 07:45:56 PM
i ain't letting it go...  ;)

Can i set this port forwarding issues with a tool like guidedog or some???

#51
Users / Re: firewall/port forwarding issue (??)
March 30, 2008, 09:02:54 PM
also, here is my iptables -L -v -n -t nat:

Quote
linuxmce@dcerouter:~$ sudo iptables -L -v -n -t nat
Chain PREROUTING (policy ACCEPT 304K packets, 19M bytes)
pkts bytes target     prot opt in     out     source               destination
    0     0 DNAT       udp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           udp dpt:4000 to:192.168.80.15:4000
   21  1092 DNAT       tcp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           tcp dpt:4001 to:192.168.80.15:4001
    0     0 DNAT       udp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           udp dpt:5901 to:192.168.80.2:5900

Chain POSTROUTING (policy ACCEPT 2144K packets, 157M bytes)
pkts bytes target     prot opt in     out     source               destination
2834  172K MASQUERADE  0    --  *      eth1    192.168.80.0/24     !192.168.80.0/24

Chain OUTPUT (policy ACCEPT 2144K packets, 157M bytes)
pkts bytes target     prot opt in     out     source               destination
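
Added example (not part of the original post and not LinuxMCE code): a small Python parser for the `iptables -L -v -n -t nat` listing above that extracts the PREROUTING DNAT rules and flags forwards whose packet counter is still zero, meaning no packet of that protocol and port has matched the rule since the counters were last reset. The function names are this example's own, and the sample input is the listing quoted in the post.

```python
import re

# Sample input: the nat-table listing quoted in the post above.
SAMPLE = """\
Chain PREROUTING (policy ACCEPT 304K packets, 19M bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DNAT       udp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           udp dpt:4000 to:192.168.80.15:4000
   21  1092 DNAT       tcp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           tcp dpt:4001 to:192.168.80.15:4001
    0     0 DNAT       udp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           udp dpt:5901 to:192.168.80.2:5900
Chain POSTROUTING (policy ACCEPT 2144K packets, 157M bytes)
 pkts bytes target     prot opt in     out     source               destination
 2834  172K MASQUERADE  0    --  *      eth1    192.168.80.0/24     !192.168.80.0/24
"""

UNITS = {"K": 10**3, "M": 10**6, "G": 10**9, "T": 10**12}  # iptables rounds in decimal steps
CHAIN = re.compile(r"^Chain (\S+)")
DNAT = re.compile(
    r"^\s*(?P<pkts>\d+[KMGT]?)\s+(?P<bytes>\d+[KMGT]?)\s+DNAT\s+(?P<proto>\S+)\s+\S+"
    r"\s+(?P<inif>\S+)\s+\S+\s+\S+\s+\S+\s+.*?dpts?:(?P<dport>[\d:]+)\s+to:(?P<to>\S+)")

def counter(text):
    """Convert an iptables counter such as '172K' to an (approximate) integer."""
    return int(text[:-1]) * UNITS[text[-1]] if text[-1] in UNITS else int(text)

def parse_dnat(listing):
    """Return the DNAT rules found in the PREROUTING chain as a list of dicts."""
    rules, chain = [], None
    for line in listing.splitlines():
        head = CHAIN.match(line)
        if head:
            chain = head.group(1)  # remember which chain the next rules belong to
        m = DNAT.match(line)
        if m and chain == "PREROUTING":
            rule = m.groupdict()
            rule["pkts"], rule["bytes"] = counter(rule["pkts"]), counter(rule["bytes"])
            rules.append(rule)
    return rules

def never_matched(listing):
    """Forwards with a zero packet counter: nothing has hit the rule yet."""
    return [(r["proto"], r["dport"], r["to"]) for r in parse_dnat(listing) if r["pkts"] == 0]

if __name__ == "__main__":
    for r in parse_dnat(SAMPLE):
        state = "no hits" if r["pkts"] == 0 else f'{r["pkts"]} packets'
        print(f'{r["proto"]:>4} {r["inif"]}:{r["dport"]} -> {r["to"]}  {state}')
```

A zero counter on a DNAT rule while a neighbouring rule has hits shows that traffic is reaching the outside interface but not with the protocol and port that rule expects.
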
#52
Users / Re: firewall/port forwarding issue (??)
March 29, 2008, 01:30:52 AM
OK, i reinstalled the CORE, switched the network interfaces, the port forwarding still doesn't work...

here is my configuration:
Quote
udp    4569 to 0    0       core_input       Delete
udp    5060 to 0    0       core_input       Delete
udp    2000 to 0    0       core_input       Delete
tcp    2000 to 0    0       core_input       Delete
udp    0 to 8000    0    0    core_input       Delete
tcp    0 to 8000    0    0    core_input       Delete
udp    4000 to 4000    4000    192.168.80.15    port_forward       Delete
tcp    4001 to 4001    4001    192.168.80.15    port_forward       Delete
udp    5901 to 5901    5900    192.168.80.2    port_forward       Delete

Clues maybe?
#53
Users / Re: firewall/port forwarding issue (??)
March 21, 2008, 09:34:24 AM
Quote from: Zaerc on March 21, 2008, 12:53:02 AM
Looks all fine to me, the only thing I can think of when reading back is that you said in your original post that the ip-numbers of the Dreamboxes were .5-.7 and now you have forwarded to .2-.4, have their IP#s been changed in the meantime?

Hi!

No, these 5-7 were only given as samples... The real IP's are from 192.168.80.2-4, like in these last replies... Could i try with some other firewall?? Like Firestarter???
#54
Users / Re: firewall/port forwarding issue (??)
March 21, 2008, 12:33:52 AM
Quote from: Zaerc on March 21, 2008, 12:04:07 AM
Not by default, but in your setup it is (from the looks of it).  Can you show me the output of "ifconfig -a" and "route -n" as well?
ifconfig -a
Quote
eth0      Link encap:Ethernet  HWaddr 00:17:3F:08:F1:C2
          inet addr:192.168.80.1  Bcast:192.168.80.255  Mask:255.255.255.0
          inet6 addr: fe80::217:3fff:fe08:f1c2/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:137706684 errors:0 dropped:0 overruns:0 frame:0
          TX packets:137702986 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:28789092929 (26.8 GB)  TX bytes:49099482456 (45.7 GB)
          Interrupt:16

eth1      Link encap:Ethernet  HWaddr 00:1D:7D:24:63:1E
          inet addr:192.168.0.31  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::21d:7dff:fe24:631e/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1183078 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1017106 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:504100098 (480.7 MB)  TX bytes:99105386 (94.5 MB)
          Interrupt:23 Base address:0x2000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1662923 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1662923 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:198434028 (189.2 MB)  TX bytes:198434028 (189.2 MB)

and route -n
Quote
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.80.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U     1000   0        0 eth0
0.0.0.0         192.168.0.1     0.0.0.0         UG    100    0        0 eth1
#55
Users / Re: firewall/port forwarding issue (??)
March 20, 2008, 11:57:33 PM
Hmmm, eth1 is "the outside NIC"... is it right???
#56
Users / Re: firewall/port forwarding issue (??)
March 20, 2008, 04:18:35 PM
Hi!

So, my last setup is as follows:
on the dsl modem/router i set a ip of the core as the only ip exposed (DMZ) to the internet...

On the core i enabled firewall and set as follows:
Quote
udp     5902 to 5902     5900     192.168.80.2     port_forward         Delete
udp    5903 to 5903    5900    192.168.80.3    port_forward       Delete
udp    5904 to 5904    5900    192.168.80.4    port_forward       Delete
tcp    0 to 9000    0    0    core_input       Delete
udp    0 to 9000    0    0    core_input       Delete
udp    4000 to 4000    4000    192.168.80.15    port_forward       Delete
tcp    4001 to 4001    4001    192.168.80.15    port_forward       Delete

Now, i can get to the core, but no way to access another computer on lan...

The result of: iptables -L -v -n -t nat
Quote
linuxmce@dcerouter:~$ sudo iptables -L -v -n -t nat
Chain PREROUTING (policy ACCEPT 1039 packets, 69033 bytes)
pkts bytes target     prot opt in     out     source               destination
    0     0 DNAT       udp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           udp dpt:5902 to:192.168.80.2:5900
    0     0 DNAT       udp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           udp dpt:5903 to:192.168.80.3:5900
    0     0 DNAT       udp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           udp dpt:5904 to:192.168.80.4:5900
    0     0 DNAT       udp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           udp dpt:4000 to:192.168.80.15:4000
    0     0 DNAT       tcp  --  eth1   *       0.0.0.0/0            0.0.0.0/0           tcp dpt:4001 to:192.168.80.15:4001

Chain POSTROUTING (policy ACCEPT 5160 packets, 378K bytes)
pkts bytes target     prot opt in     out     source               destination
    0     0 MASQUERADE  0    --  *      eth1    192.168.80.0/24     !192.168.80.0/24

Chain OUTPUT (policy ACCEPT 5160 packets, 378K bytes)
pkts bytes target     prot opt in     out     source               destination



#57
Users / Re: firewall/port forwarding issue (??)
March 19, 2008, 08:06:31 AM
Quote from: orionsune on March 18, 2008, 10:53:39 PM
Unless you have your firewall disabled already, in that case I don't have any suggestions other than researching how to use iptables on the command line to implement your forwarding rules.

Thanks orionsune... the problem is, my firewall is already disabled....

Oh, another Q: can i set these forwarding and other rules with another app on my server?? like Firestarter - http://en.wikipedia.org/wiki/Firestarter_%28firewall%29 or etc???

#58
Users / Re: firewall/port forwarding issue (??)
March 18, 2008, 11:00:53 PM
oh... i think that would be too much for me right now....

well... hope not...  8)
#59
Users / Re: firewall/port forwarding issue (??)
March 18, 2008, 10:33:39 PM
Quote from: orionsune on March 18, 2008, 10:17:02 PM
There are 2 different rules involved, one tells the core to accept traffic on that port... the other tells it to forward those ports to said IP.

You can just do a range of 5901-5903 and use "core_input" rule instead of the "port_forward", need both.

Hmmm orionsune... these upper rules i think were added thru remote assistance, that i enabled... I can remove them...

This range 5901-5903 that you are talking about and core_input... How to send the data forward to the boxes if there is only core_input and a range???
#60
Users / Re: firewall/port forwarding issue (??)
March 18, 2008, 09:52:06 PM
Quote from: Zaerc on March 18, 2008, 11:57:14 AM
can you show us the output of the following command?:
iptables -L -v -n

Hi zaerc...

here is the result:
Quote
linuxmce@dcerouter:~$ sudo iptables -L -v -n
Chain INPUT (policy DROP 49235 packets, 16M bytes)
pkts bytes target     prot opt in     out     source               destination
476K   62M ACCEPT     0    --  lo     *       0.0.0.0/0            0.0.0.0/0
  39M 7567M ACCEPT     0    --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     0    --  *      *       0.0.0.0/0            0.0.0.0/0           MARK match 0x1
   17  6069 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:67
120K 7992K ACCEPT     0    --  *      *       192.168.80.0/24      0.0.0.0/0
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:4569
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:5060
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:2000
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:2000

Chain FORWARD (policy ACCEPT 25723 packets, 23M bytes)
pkts bytes target     prot opt in     out     source               destination
    0     0 TCPMSS     tcp  --  *      ppp+    0.0.0.0/0            0.0.0.0/0           tcp flags:0x06/0x02 TCPMSS clamp to PMTU

Chain OUTPUT (policy ACCEPT 39M packets, 14G bytes)
pkts bytes target     prot opt in     out     source               destination

and the copy of my "firewall settings" page:
Quote
protocol     Source Port     Destination Port     Destination IP     Rule Type     Limit to IP     
udp    4569 to 0    0       core_input       Delete
udp    5060 to 0    0       core_input       Delete
udp    2000 to 0    0       core_input       Delete
tcp    2000 to 0    0       core_input       Delete
udp    3500 to 4500    4000    192.168.80.15    port_forward       Delete
tcp    3500 to 4500    4000    192.168.80.15    port_forward       Delete
udp    5901 to 5901    5900    192.168.80.1    port_forward       Delete
udp    5902 to 5902    5900    192.168.80.2    port_forward       Delete
udp    5903 to 5903    5900    192.168.80.3    port_forward       Delete
udp    5904 to 5904    5900    192.168.80.4    port_forward       Delete