IRC Networks
Irc Logs Stats
Start date: 2007-09-27 02:48:27
Last update: 2008-10-24 20:19:38
Channels: 41
Logged Lines: 6230436
Size: 1834.77 MB
Powered by
Channel Info
Network: freenodeChannel: #iptables |
Search in www.irclog.org
Log from #iptables at freenode 2006-07-13
[04:06]<zj2wow0>;-)
[04:06]<sara>how can i make iptables force it to OUTPUT to the ip
[04:06]<sara>k sorry
[04:07]<zj2wow0>skac: I'm not sure about that one, but the -j ROUTE target may be what you want
[04:07]<zj2wow0>myconid: sorry, can't help you there :)
[04:07]<sara>what did i do to deserv to be told to shutup?
[04:08]<zj2wow0>skac: I was kidding, man - notice the ";-)"
[04:08]<sara>heh
[04:09]<mmajgym>can I just put both machines on the smae IP and hope for the best? :)
[04:09]<sara>no your heading for a ARP punch up doing that.
[04:11]<sara>robw810: i don't see why its not doing all this for me anyway =\
[04:11]<mmajgym>ill just give them t he same mac address
[11:34]<rfrg``>Anyone able to give me some assistance with some interface routing in iptables?
[12:07]<drvvx_>dump some stuff, you'll see
[12:09]<rfrg``>Not too sure if this is more an ip route thing or iptables
[12:09]<rfrg``>But here goes:
[12:09]<rfrg``>I have 2 interfaces, both hooked up to the same network ie. dual uplinks
[12:10]<rfrg``>Both internet facing interfaces
[12:10]<rfrg``>Basically I need all traffic which comes into the box via eth1, to be answered via eth1
[12:10]<rfrg``>Same with eth0
[12:13]<drvvx_>did you check lart.org howto ?
[12:13]<drvvx_>s/lart/lartc/
[12:15]<drvvx_>there are some hints about multiple uplink and source routing that may help
[12:20]<rfrg``>Looked there... there's stuff about multiple uplinks but those are for cases where the 2 uplinks go to 2 providers
[12:21]<rfrg``>In my situation I have 2 uplinks, same provider... really just gives me 200Mbps to play with over 100
[12:24]<rfrg``>Same switch, same gateway
[12:25]<rfrg``>Traffic going in via whatever interface just needs to return via the same interface
[12:41]<drvvx_>mmh looks tricky
[12:54]<rfrg``>eth1 only has 1 IP..
[12:55]<rfrg``>Will only ever have 1 IP...
[13:22]<djzfggwus>Hello all.
[13:22]<djzfggwus>Short question:
[13:22]<djzfggwus>This is my default policy:
[13:22]<djzfggwus>iptables -P INPUT DROP
[13:22]<djzfggwus>iptables -P FORWARD DROP
[13:22]<djzfggwus>iptables -P OUTPUT DROP
[13:23]<djzfggwus>At the bottom of my script i do this: iptables -A INPUT -j INDROPLOG, iptables -A OUTPUT -j OUTDROPLOG , iptables -A FORWARD -j FWDDROPLOG
[13:23]<djzfggwus>Each of this LOG-Chains contain this rule: iptables -A INDROPLOG -j DROP
[13:23]<djzfggwus>Do i need to define the policy at the top of the script?
[13:23]<djzfggwus>Because i'm dropping everything below.
[13:58]<rsr2yf>Hi all
[13:58]<rsr2yf>I have some troubles masquerading a vpn connection
[13:58]<rsr2yf>i am on a campus, and we have to use cisco vpn client
[13:58]<rsr2yf>i tried to nat this, to share it with my laptop
[13:59]<rsr2yf>actually i can get access to net
[13:59]<rsr2yf>but it dies after some seconds
[13:59]<rsr2yf>or it becomes very very slow
[14:08]<[gabri]>hi people
[14:08]<[gabri]>I need redirect all my traffic to a website
[14:09]<[gabri]>iptables -t nat -A PREROUTING -i eth0 -p TCP --dport 8080 -j REDIRECT --dnat www.google.es , it is correct?
[14:11]<wjjmmwjjmlnacnz>Redirection is not DNAT. man iptables
[14:12]<wjjmmwjjmlnacnz>asabil: Are you using openvpn? Better would be ##networking anyway.
[14:13]<[gabri]>mm WoodyWoodpecker iptables -t nat -A PREROUTING -i eth0 -p TCP --dport 8080 -j REDIRECT ip?
[14:14]<wjjmmwjjmlnacnz>You can only redirect to the manchine itself. Read the man.
[14:17]<rsr2yf>cisco vpn
[14:19]<wjjmmwjjmlnacnz>Sorry, right. I never used that client before.
[14:43]<fnzzf>hi
[14:44]<drwygn>what's up, pearl.
[14:44]<fnzzf>not much, maxine.
[14:44]<drwygn>pearl: i'm not following you...
[14:44]<fnzzf>that's ok. :-)
[19:15]<sxzjvvd>hello
[19:15]<drwygn>hello, shrotty.
[19:15]<sxzjvvd>:), hi
[19:34]<-- 2funn xrs fuyv (">home")
[19:37]<rsr2yf>anyone sees a problem with this ?
[19:37]<rsr2yf>http://rafb.net/paste/results/snHmiv15.html
[19:37]<rsr2yf>i don't undertand much about iptables
[19:37]<rsr2yf>i am trying to share my connection by using NAT
[19:48]<rsr2yf>anyone please?
[19:50]<sara>-I INPUT 1 <--
[19:50]<sara>wrong.
[19:50]<sara>what does '1' relate to? =\\
[19:50]<sara>where did you get this script from:
[19:53]<fnzzf>asabil: u should input default policy DROP
[19:53]<fnzzf>i never saw this before...
[19:53]<fnzzf>export LAN=eth0
[19:53]<fnzzf>export WAN=cipsec0
[19:53]<fnzzf>hehe :-)
[19:54]<rsr2yf>http://www.gentoo.org/doc/en/home-router-howto.xml#doc_chap5
[19:54]<rsr2yf>it comes from here
[19:54]<rsr2yf>sorry, i am a newb about networking stuff...
[19:55]<rsr2yf>skac, -I, --insert chain [rulenum] rule-specification
[19:55]<rsr2yf>that's why the 1 is there i think
[19:55]<rsr2yf>rulenum
[19:57]<fnzzf>i do it like iptables -t nat -A PREROUTING -i ppp0 -p tcp --dport 80 -j DNAT --to 192.168.0.2:80
[19:57]<fnzzf>never used -I
[19:57]<fnzzf>=)
[19:58]<rsr2yf>what is that for ?
[19:58]<rsr2yf>i want to redirect all ports
[19:58]<rsr2yf>oO
