IRC Networks
Irc Logs Stats
Start date: 2007-09-27 02:48:27
Last update: 2008-10-24 20:19:38
Channels: 41
Logged Lines: 6230436
Size: 1825.77 MB
Powered by
Channel Info
Network: freenodeChannel: #iptables |
Search in www.irclog.org
Log from #iptables at freenode 2006-08-10
[00:00]<fyguw_drwau>tcmjr: I suggest you to take the configuration of the generic kernel.. Boot off it..
[00:00]<vadaz>i dont think there is one, I could try to use genkernel thou
[00:00]<igku2us>so iptables -t nat -I POSTROUTING -s 192.168.106.128 -d 0.0.0.0/0 -p ALL -j SNAT --to 87.106.53.101 wouldn't work
[00:00]<fyguw_drwau>and do zcat /proc/config.gz > /onefl and see the settings that need to be enabled
[00:01]<fyguw_drwau>InKubus: It will work.. only if the client's gw is set to the internal interface,,
[00:01]<fyguw_drwau>InKubus: Else how does the Pc know where to deliver the packets
[00:02]<igku2us>it is set
[00:02]<fyguw_drwau>InKubus: open a browser in the client and type www.whatismyip.com
[00:02]<fyguw_drwau>what IP do you see ?
[00:03]<vadaz>okay, i'm gonna kill myself now
[00:03]<fyguw_drwau>tcmjr: not that early..
[00:03]<fyguw_drwau>tcmjr: slow death is more njoying..
[00:03]<fyguw_drwau>;)
[00:03]<fyguw_drwau>tcmjr: ever heard of Armin Mewis?
[00:03]<vadaz>nope
[00:04]<fyguw_drwau>search google.. and you will faint
[00:04]<igku2us>iptables -t nat -I PREROUTING -s 0.0.0.0/0 -d 87.106.53.101 -p tcp --dport 3389 -j DNAT --to 192.168.106.128:3389
[00:04]<igku2us>should that work?
[00:04]<fyguw_drwau>InKubus: yup
[00:04]<fyguw_drwau>InKubus: Provided gw IS SET
[00:04]<fyguw_drwau>:)
[00:04]<igku2us>how can i do it with snat?
[00:05]<igku2us>i don't see an snat prerouting rule
[00:05]<fyguw_drwau>InKubus: there can not be SNAT PREROTUING rule
[00:05]<igku2us>ah
[00:05]<fyguw_drwau>its alawys done on pstrouting
[00:05]<vadaz>okay, gotta go home now. will log on irc when I arrive
[00:05]<vadaz>cya
[00:05]<igku2us>well i figured i didn't need to do this since you did it already:
[00:05]<igku2us>iptables -t nat -I POSTROUTING -s 192.168.106.128 -d 0.0.0.0/0 -p ALL -j SNAT --to 87.106.53.101
[00:06]<igku2us>twice would be pointless right?
[00:06]<fyguw_drwau>yup..
[00:06]<igku2us>cool
[00:06]<fyguw_drwau>tcmjr: bye
[00:06]<fyguw_drwau>InKubus: twice is not pointless... Its insanity
[00:06]<fyguw_drwau>:)
[00:07]<igku2us>sweet it works!
[00:07]<igku2us>oh
[00:07]<igku2us>iptables -t nat -A PREROUTING -s 0.0.0.0/0 -d 87.106.53.101 -p tcp --dport 3389 -j DNAT --to 192.168.106.128:3389
[00:07]<igku2us>that and the above line should do it?
[00:08]<fyguw_drwau>InKubus: Bingo.. you are on..
[00:08]<fyguw_drwau>thats should do it
[00:08]<igku2us>hmm
[00:08]<igku2us>can't telnet it
[00:08]<igku2us>but can when from ssh
[00:09]<igku2us>ah i see
[00:09]<fyguw_drwau>hmm.. Gateway man.. is the default gw set to 192.168.106.1?
[00:10]<igku2us>i need to forward this port to logon to the server to check
[00:10]<igku2us>but i'm pretty sure it is
[00:10]<igku2us>perhaps i need to change it to 87.106.13.213?
[00:10]<fyguw_drwau>InKubus: what ???
[00:11]<fyguw_drwau>InKubus: what are you upto?
[00:11]<igku2us>me?
[00:11]<igku2us>why whatever do you mean >_<
[00:11]<fyguw_drwau>InKubus: i need to forward this port to logon to the server to check
[00:11]<fyguw_drwau>?
[00:11]<fyguw_drwau>which server which port
[00:11]<igku2us>port 3389
[00:12]<igku2us>i did nat -A PREROUTING -s 0.0.0.0/0 -d 87.106.53.101 -p tcp --dport 3389 -j DNAT --to 192.168.106.128:3389
[00:12]<igku2us>but nothing is happening
[00:13]<fyguw_drwau>InKubus: are you checking it from the same LAN .. i.e 192.168.106.128 network?
[00:13]<igku2us>no
[00:13]<fyguw_drwau>InKubus: try this and tell me..
[00:14]<fyguw_drwau>iptables -t nat -A POSTROUING -s 0.0.0.0/0 -d 192.168.106.128 -p tcp --dport 3389 -j SNAT --to 192.168.106.1
[00:16]<igku2us>done
[00:16]<fyguw_drwau>InKubus: is the service running at 3389??
[00:17]<fyguw_drwau>what do you get when you do telnet 192.168.106.128 3389 from the gateway?
[00:17]<igku2us>connection opens up
[00:17]<igku2us>just a black screen waiting for input
[00:18]<igku2us>Chain PREROUTING (policy ACCEPT)
[00:18]<igku2us>target prot opt source destination
[00:18]<igku2us>DNAT tcp -- anywhere s15222502.onlinehome-server.info tcp dpt:ms-wbt-server to:192.168.106.128:3389
[00:18]<igku2us>DNAT tcp -- anywhere s15222502.onlinehome-server.info tcp dpt:http to:192.168.106.128:80
[00:18]<fyguw_drwau>do you see some message.. something
[00:18]<igku2us>Chain POSTROUTING (policy ACCEPT)
[00:18]<igku2us>target prot opt source destination
[00:18]<igku2us>SNAT all -- 192.168.106.128 anywhere to:87.106.53.101
[00:18]<igku2us>when i telnet i gt
[00:18]<igku2us>server2:/home # telnet 192.168.106.128 3389
[00:18]<igku2us>Trying 192.168.106.128...
[00:18]<igku2us>Connected to 192.168.106.128.
[00:18]<igku2us>Escape character is '^]'.
[00:18]<drwygn>i already had it that way, InKubus.
[00:19]<igku2us>yeah i added some extra rules
[00:19]<igku2us>but had dupes and didn't know how to remove just 1 of them
[00:19]<igku2us>so i retyped your commands
[00:20]<drwygn>linux_ma1ju: huh?
[00:21]<fyguw_drwau>InKubus: can you paste the output iptables -t nat -L -nv
[00:21]<igku2us> 4 228 DNAT tcp -- * * 0.0.0.0/0 87.106.53.101 tcp dpt:3389 to:192.168.106.128:3389
[00:21]<igku2us> 0 0 DNAT tcp -- * * 0.0.0.0/0 87.106.53.101 tcp dpt:80 to:192.168.106.128:80
[00:21]<igku2us> 0 0 SNAT all -- * * 192.168.106.128 0.0.0.0/0 to:87.106.53.101
[00:22]<fyguw_drwau>InKubus: Thats not going to work..
[00:22]<fyguw_drwau>InKubus: Is that all that is there?
[00:22]<igku2us>yeah
[00:23]<igku2us>did i miss something?
[00:24]<fyguw_drwau>InKubus: try iptables -t nat -I POSTROUTING -s 0.0.0.0/0 -d 192.168.106.128 -p tcp --dport 3389 -j SNAT --to 192.168.106.1
[00:24]<fyguw_drwau>InKubus: copy paste the above command
[00:26]<igku2us>;D
[00:26]<igku2us>!
