Getting access out through gateway

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

	G'day everyone,
			Here is a problem I've struggled with for some time now and have run
out of ideas.  Hopefully someone can point me in the right direction.

	An acer laptop with F8 needs updating and has internet access via a
dialup connection to a box running FC6.  Running Wireshark on the laptop
when a connection with Firefox is attempted shows the gateway returning
a packet with: 

ICMP Destination unreachable (Host administratively prohibited).

This points to a REJECT target in the iptables, of which there is only
one.  Yet with iptables stopped, there is still no connection, with the
gateway returning a packet with TCP flags: [RST, ACK].

	Is the problem with the laptop or the gateway box? Here are the
iptables rules.

[root@Ipex ~]# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

[root@Ipex ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere
ACCEPT     all  --  192.168.0.0/24       anywhere
ACCEPT     all  --  anywhere             192.168.0.0/24
DROP       all  -- !192.168.0.0/24       anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     esp  --  anywhere             anywhere
ACCEPT     ah   --  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251         udp
dpt:mdns
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state
RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:nfs
ACCEPT     udp  --  anywhere             anywhere            state NEW
udp dpt:netbios-ns
ACCEPT     udp  --  anywhere             anywhere            state NEW
udp dpt:netbios-dgm
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:netbios-ssn
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:microsoft-ds
REJECT     all  --  anywhere             anywhere            reject-with
icmp-host-prohibited
[root@Ipex ~]#

	All suggestions eagerly and gratefully anticipated.

-- 
'ooroo
Simon
Registered Linux User #463789. Sign up at: http://counter.li.org/ 

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux