iptables help needed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

	G'day all,
		I've been plugging away at this for some time and have no idea which
direction to turn.  The iptables on a gateway box (FC6) is blocking
access to the internet from a laptop (F8).  On each attempt to access
the internet, the gateway responds with a reset.

	I have turned on everything in iptables using lokkit and
system-config-iptables, with some hand editing to boot (guided by
various howto's), probably allowing more than I need, but cannot get the
laptop out through the firewall.  

	Any help will be greatly appreciated.

	Port forwarding is on, internet is ppp0, lan is eth0.  The rules I've
ended up with follow:

[root@ipex ~]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     esp  --  anywhere             anywhere
ACCEPT     ah   --  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251         udp
dpt:mdns
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state
RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:ssh
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:telnet
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:smtp
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:http
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:https
ACCEPT     udp  --  anywhere             anywhere            state NEW
udp dpt:netbios-ns
ACCEPT     udp  --  anywhere             anywhere            state NEW
udp dpt:netbios-dgm
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:netbios-ssn
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:microsoft-ds
ACCEPT     tcp  --  anywhere             anywhere            state NEW
tcp dpt:nfs
REJECT     all  --  anywhere             anywhere            reject-with
icmp-host-prohibited
[root@ipex ~]# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
[root@ipex ~]#   
-- 
'ooroo
Simon
Registered Linux User #463789. Sign up at: http://counter.li.org/ 

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux