[ Date Index ][
Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]
I've got an IPCop Internet gateway which appears to be configured to route packets only for the network the green interface is on (10.0.0.0). I need it to also route packets from the 10.0.1.0 network on the same interface, to which it has a static route. I'm presuming this is a job for IPChains? I've read the howto but it wasn't making much sense to me.... IPChains is currently configured as follows: root@xxxxx:/ # ipchains -L Chain input (policy REJECT): target prot opt source destination ports ipac_bth all ------ anywhere anywhere n/a ipac_in all ------ anywhere anywhere n/a squid all ------ anywhere anywhere n/a ACCEPT all ------ anywhere anywhere n/a ACCEPT all ------ anywhere anywhere n/a secin all ------ anywhere anywhere n/a block all ------ anywhere anywhere n/a - all ----l- anywhere anywhere n/a Chain forward (policy REJECT): target prot opt source destination ports secout all ------ anywhere anywhere n/a MASQ all ------ 10.0.0.0/24 anywhere n/a MASQ all ------ 10.0.0.0/24 anywhere n/a MASQ all ------ 10.0.0.0/24 anywhere n/a dmzholes all ------ anywhere anywhere n/a ACCEPT all ------ anywhere 10.0.0.0/24 n/a - all ----l- anywhere anywhere n/a Chain output (policy ACCEPT): target prot opt source destination ports ipac_bth all ------ anywhere anywhere n/a ipac_out all ------ anywhere anywhere n/a Chain squid (1 references): Chain secin (1 references): target prot opt source destination ports ACCEPT all ------ anywhere anywhere n/a Chain secout (1 references): target prot opt source destination ports ACCEPT all ------ anywhere anywhere n/a Chain block (1 references): target prot opt source destination ports ACCEPT tcp ------ anywhere anywhere any -> 1024:65535 ACCEPT udp ------ anywhere anywhere any -> 1024:65535 ACCEPT tcp ------ anywhere anywhere any -> 1024:65535 ACCEPT udp ------ anywhere anywhere any -> 1024:65535 ACCEPT tcp ------ anywhere 192.168.0.0/24 any -> 1024:65535 ACCEPT udp ------ anywhere 192.168.0.0/24 any -> 1024:65535 xtaccess all ------ anywhere anywhere n/a ACCEPT udp ------ anywhere anywhere any -> isakmp ACCEPT gre ------ anywhere anywhere n/a ACCEPT ipv6-crypt------ anywhere anywhere n/a ACCEPT ipv6-auth------ anywhere anywhere n/a ACCEPT udp ------ anywhere anywhere any -> isakmp ACCEPT gre ------ anywhere anywhere n/a ACCEPT ipv6-crypt------ anywhere anywhere n/a ACCEPT ipv6-auth------ anywhere anywhere n/a ACCEPT udp ------ anywhere 192.168.0.0/24 any -> isakmp ACCEPT gre ------ anywhere 192.168.0.0/24 n/a ACCEPT ipv6-crypt------ anywhere 192.168.0.0/24 n/a ACCEPT ipv6-auth------ anywhere 192.168.0.0/24 n/a ACCEPT icmp ------ anywhere anywhere any -> any ACCEPT icmp ------ anywhere anywhere any -> any ACCEPT icmp ------ anywhere 192.168.0.0/24 any -> any Chain xtaccess (1 references): target prot opt source destination ports ACCEPT tcp ------ anywhere 192.168.0.2 any -> auth ACCEPT tcp ------ anywhere 192.168.0.2 any -> auth ACCEPT tcp ------ anywhere 192.168.0.2 any -> auth ACCEPT tcp ------ anywhere 192.168.0.2 any -> http ACCEPT tcp ------ anywhere 192.168.0.2 any -> http ACCEPT tcp ------ anywhere 192.168.0.2 any -> http ACCEPT tcp ------ anywhere 192.168.0.2 any -> smtp ACCEPT tcp ------ anywhere 192.168.0.2 any -> smtp ACCEPT tcp ------ anywhere 192.168.0.2 any -> smtp ACCEPT tcp ------ anywhere 192.168.0.2 any -> 1503 ACCEPT tcp ------ anywhere 192.168.0.2 any -> 1503 ACCEPT tcp ------ anywhere 192.168.0.2 any -> 1503 ACCEPT tcp ------ anywhere 192.168.0.2 any -> h323hostcall ACCEPT tcp ------ anywhere 192.168.0.2 any -> h323hostcall ACCEPT tcp ------ anywhere 192.168.0.2 any -> h323hostcall Chain dmzholes (1 references): Chain ipac_in (1 references): target prot opt source destination ports - all ------ anywhere anywhere n/a - all ------ anywhere anywhere n/a Chain ipac_out (1 references): target prot opt source destination ports - all ------ anywhere anywhere n/a - all ------ anywhere anywhere n/a Chain ipac_bth (2 references): David. -- Running Windows on a Pentium is like having a brand new Porsche but only being able to drive backwards with the handbrake on. -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe.