Channel Info
Network: freenode | Channel: #iptables
Log from #iptables at freenode 2006-05-23
[00:12]<rsmw>can i block for example port 80 (all the internet) and give access to .com.ar sites that are using port 80?
[00:15]<-- svgvsdyzgjvr xrs>/dev/null")
[00:22]<zzwffzdnz>yes
[00:27]<zj20>how? You can't do a rDNS lookup on every packet. Only an HTTP proxy could do that.
[00:28]<zzwffzdnz>you need squid for that
[00:39]<zgvzj_ggj>I have an iptables set up as router with NAT, but I have a problem: On my web server, all visitors appear as coming from a local IP (the one of the router)!
[00:42]<zj20>I think about a week ago I told you that you need a separate SNAT rule for each of the NAT'ed DMZ hosts. And I still don't see how doing that is any better than just using the real IPs and routing them.
[00:46]<zgvzj_ggj>rob0: I have created SNAT rules
[01:02]<rsmw>Rawplayer: i need squid for that?
[01:03]<rsmw>isn't iptables a http proxy?
[01:11]<zzwffzdnz>no..
[01:25]<rsmw>how do i stop nat?
[01:25]<rsmw>without rebooting
[01:26]<rsmw>the os
[01:27]<rsmw>stop or remove the nat rule or whatever
[01:34]<zj20>You've been here more than 2 hours, after saying you didn't have time to RTFM. Do you consider your time more valuable than ours?
[01:34]<zzwffzdnz>delete the rule
[01:35]<rsmw>Rawplayer: how
[01:35]<zzwffzdnz>with the delete option?
[01:38]<zgvzj_ggj>I have the following rules: http://pastebin.ca/58189 I created the POSTROUTING rules so I can correctly request the NAT'd public IPs from my internal network, but now only the internal IP of the router appears in the apache logs of the webservers, how can I do both at the same time?
[02:55]<zgvzj_ggj>I tried adding "-i eth1" to "-A POSTROUTING -d 192.168.0.10 -p tcp -m tcp --dport 80 -j SNAT --to-source 192.168.0.1" so that the public IPs appear in my logs except for local requests, as explained here http://iptables-tutorial.frozentux.net/chunkyhtml/x4013.html
[02:56]<zgvzj_ggj>But I get the error : Can't use -i with POSTROUTING
[09:52]<aynf[2usw]>hello :)
[09:52]<aynf[2usw]>ticallion => hi :)
[17:52]<mzmszzz>Hey, how do I respond to a connection request with an ICMP redirect?
[17:52]<mzmszzz>Any assistance is really appreciated.
[17:54]<drvvx_>I don't know of any target that'll do that, I'll do that in userspace with either QUEUE or new NFQUEUE target
[17:55]<mzmszzz>Can you point me in the right direction (document or quick example)
[17:56]<drvvx_>depends on what language you want to code the extension
[17:57]<mzmszzz>So basically, you're saying write code that just generates the ICMP redirect... how does one trigger that using iptables?
[18:00]<drvvx_>I told you, using QUEUE(deprecated) or NFQUEUE targets
[18:00]<mzmszzz>Thanks.
[18:04]<-- djzgprff|vyn xrs>bus --> home")