IRC Logs

Network: freenode Channel: #iptables

	Enter your search terms Submit search form
	Web www.irclog.org

[16:01]<dnzjzdsvnz>--oif
[16:01]<dnzjzdsvnz>missing a -
[16:01]<brdd9g>?
[16:02]<dnzjzdsvnz>iptables -A FORWARD -p tcp -i eth3 --dport 80 -j ROUTE --oif eth0
[16:05]<brdd9g>DerJamster : do you mean : iptables -A FORWARD -p tcp -i eth3 --dport 80 -j ROUTE -oif eth0
[16:05]<brdd9g>?
[16:05]<brdd9g>Bad argument `eth0'
[16:05]<dnzjzdsvnz>no. Read what I wrote.
[16:05]<brdd9g><DerJamster> iptables -A FORWARD -p tcp -i eth3 --dport 80 -j ROUTE --oif eth0 <-- this one ? --oif ?
[16:05]<dnzjzdsvnz>yep
[16:06]<brdd9g>iptables v1.3.1: Unknown arg `--oif'
[16:07]<dnzjzdsvnz>strange.
[16:07]<dnzjzdsvnz>'iptables -j ROUTE -help'. does it say --oif in the helpfile?
[16:12]<brdd9g>http://paste.ubuntu-nl.org/19391
[16:13]<brdd9g>u can see there
[16:15]<dnzjzdsvnz>you typed 'iptables -j ROUTE -help', right?
[16:15]<dnzjzdsvnz>ah..yep
[16:15]<dnzjzdsvnz>okay, looks like ROUTE might be missing.
[16:15]<dnzjzdsvnz>in your iptables
[16:15]<brdd9g>so ?
[16:15]<drwygn>rumour has it so is a needle pulling thread
[16:16]<dnzjzdsvnz>so you gotta compile your kernel with iptabes ROUTE support and patch your iptables too.
[16:16]<gxor>hello peeps, i need help in making ipt_recent module
[16:17]<gxor>i have downloaded ipt_Rrecent package but there is no Makefile or configure script within
[16:17]<gxor>wtf am i supposed to do
[16:17]<gxor>gcc options doesnt work either
[16:18]<brdd9g>im using ubuntu breezy
[16:20]<brdd9g>DerJamster but the command failed at eth0
[16:21]<brdd9g>Bad argument `eth0'
[16:26]<dnzjzdsvnz>the line was 'iptables -A FORWARD -p tcp -i eth3 --dport 80 -j ROUTE --oif eth0' tho, right?
[16:26]<dnzjzdsvnz>hmh. strange.
[16:27]<brdd9g>http://paste.ubuntu-nl.org/19392
[16:27]<brdd9g>i have tried --oif and -oif
[16:32]<brdd9g>is i should use -p too ?
[16:33]<brdd9g>or maybe there is alternate command ?
[16:36]<brdd9g>i have 2 gw ( eth0 and eth1 ) my LAN using eth 3 ... i have already masquerade both gw ... but now i want to foward port 80 to gw eth0 only and port 21 using eth1 what is the command using iptables ? need help
[17:03]<brdd9g>:(
[17:07]<brdd9g>DerJamster : if you have the answer please let me know mirza.k@gmail.com
[17:07]<brdd9g>thx
[17:37]<afnxnztnah>hi everybody
[17:37]<afnxnztnah>i need help
[17:37]<afnxnztnah>i cant share internet to my clients
[17:37]<afnxnztnah>what do i am missing in my script ?
[17:37]<afnxnztnah>http://pastebin.ca/110269
[17:37]<afnxnztnah>hi vice-versa ;)
[17:38]<vyrn-vnzsr>AleXerTecH: hey man
[17:38]<afnxnztnah>eth1 and eth2 are both my internet interfaces, and eth0 are the lan...
[17:38]<afnxnztnah>the server has perfectly internet
[17:38]<afnxnztnah>vice-versa, now im working in the interent share part of my script ;)
[17:39]<vyrn-vnzsr>AleXerTecH: well good luck with it, would like to help but I'm quite bust atm
[17:39]<vyrn-vnzsr>s/bust/busy/
[17:39]<afnxnztnah>vice-versa, jejeje, dont worry ;) good luck to you too
[17:40]<dnzjzdsvnz>AleXerTecH: the first MASQUERADE line makes the second one obsolete
[17:40]<afnxnztnah>Ok, DerJamster , i have deleted
[17:41]<afnxnztnah>DerJamster, how do i share the connection ? i make a forward string but doesnt work, it only lets resolv hostnames
[17:42]<dnzjzdsvnz>192.168.1.2 is set as the gateway?
[17:42]<dnzjzdsvnz>and what's the routing setup of 192.168.1.2?
[17:42]<afnxnztnah>DerJamster, my network works in 192.168.2.0
[17:42]<dnzjzdsvnz>er, 2.1
[17:43]<afnxnztnah>well
[17:43]<afnxnztnah>2.1 its the router, and he routes to one ethernet or other with ip route
[17:44]<afnxnztnah>but for the firewall and share connections im usingj iptables
[17:44]<afnxnztnah>like i toldyou, the hosts of my net can resolve names
[17:44]<afnxnztnah>i do a ping to www.google.com, and he resolve the ip but nevers response
[17:58]<dnzjzdsvnz>hmh. very weird.
[18:02]<rlraxne>http://www.tbg.nu/iptables.txt updated with portforwarding example
[18:28]<gnvvyn>Hi guys, does netfilter supports temporary time/traffic based rules please?
[18:29]<gnvvyn>let's say I would like to add a rule which will permit traffic from a certain ip and that the rule will automatically be deleted after a n minutes of inactivity?
[18:29]<gnvvyn>trying to configure a juniper/netscreen like webauth
[18:59]<-- dvxn|syzzzyus xzs>http://www.bagdadsoftware.de")
[19:16]<ewzrfwrr>hy... if my isp is forwarding all packets with ttl1 what can i do to bypass that ? to forward in my private lan
[19:46]<rlraxne>z3rgl1ng: change the ttl
[19:46]<drwygn>Apachez: that doesn't look right
[19:46]<rlraxne>maxine
[19:46]<drwygn>Apachez?
[19:46]<rlraxne>maxine ?
[19:46]<drwygn>Apachez?
[19:46]<rlraxne>maxine a bot ?
[19:46]<drwygn>somebody said a bot was a lot of fun.
[19:46]<rlraxne>bah!
[21:30]<afnxnztnah>Apachez, ? are you tehere ?
[21:31]<afnxnztnah>there ?
[21:31]<drwygn>there are files in /etc/sysconfig/network usually.
[21:31]<afnxnztnah>i need help with this http://pastebin.ca/110269
[21:31]<afnxnztnah>i cant get the hosts of my network out to internet
[21:32]<afnxnztnah>all the hosts resolve the ip of a x domain, but i cant get to there with the browser
[21:37]<fyguw_drgau>AleXerTecH: can u explain ur problem properly
[21:37]<fyguw_drgau>as of now Its a bit confusing :P
[21:39]<fyguw_drgau>AleXerTecH: what does cat /proc/sys/net/ipv4/ip_forward say?
[21:39]<fyguw_drgau>is t 1 or 0
[21:42]<fyguw_drgau>AleXerTecH: ??
[21:52]<rlsymns>I am just slightly confused about something. do i have this right: best practice would be to set -P INPUT DROP as my FIRST rule. This makes it so that the default rule for anything coming in is drop. Alone this drops all packets beause it is the first rule and the only rule but when i have a second rule that allows a certain protocol, the first is only used as a way to match all packets and send them on to the second rule?
[21:53]<fyguw_drgau>apsides: iptables -P INPUT DROP
[21:53]<fyguw_drgau>is the default policy.. If a packet doent match any of the rules..

Back to #iptables
Or go to some related logs:
#gentoo
#python
#debian
#gentoo
#macosx