|
Forwarding my IP.
I don't really understand all this IP/Ports thing. But I know that if I want people to connect to my site, I have to forward the incoming public/port request to the private IP leading to my computer. But I seem stuck somewhere in that guide down where it says Make Your Server Accesible to the Internet. I don't follow him, he says to forward my ports, I did. 22 and 80 both TCP and UDP are up and it still won't do a thing. If someone could explain all that thing in different words maybe I'd understand. My router/Modem (Mine does both) is a 2wire:2701HG-G.
(BTW, on that page http://www.portforward.com/english/r...1HG-Gindex.htm , what am I looking for? Its all games and application. ) |
Quote:
Hopefully similar enough. Code:
http://gateway.2wire.net you can use grc.com's Shields-UP! (or any other number of available services or even a friend or an external account you may have) to test before and after. hope this helps. |
Cool, well I did that but. I dunno whats keeping it from working. Heres a picture of my situation
http://img300.imageshack.us/img300/9675/problemmb4.png I think I did everything right. |
On the internal computer, show us the output of
ifconfig -a and iptables -L Thanks |
ifconfig -a :
eth0 Link encap:Ethernet HWaddr 00:16:76:3d:cc:f4 inet addr:192.168.2.11 Bcast:192.168.2.255 Mask:255.255.255.0 inet6 addr: fe80::216:76ff:fe3d:ccf4/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:289 errors:0 dropped:0 overruns:0 frame:0 TX packets:40 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:26366 (25.7 KB) TX bytes:4754 (4.6 KB) Base address:0x1000 Memory:d3100000-d3120000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:4 errors:0 dropped:0 overruns:0 frame:0 TX packets:4 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:200 (200.0 B) TX bytes:200 (200.0 B) iptables -L : Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere eth0_in all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED Reject all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix `Shorewall:INPUT:REJECT:' reject all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination eth0_fwd all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED Reject all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix `Shorewall:FORWARD:REJECT:' reject all -- anywhere anywhere Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere eth0_out all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED Reject all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix `Shorewall:OUTPUT:REJECT:' reject all -- anywhere anywhere Chain Drop (2 references) target prot opt source destination reject tcp -- anywhere anywhere tcp dpt:auth dropBcast all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp fragmentation-needed ACCEPT icmp -- anywhere anywhere icmp time-exceeded dropInvalid all -- anywhere anywhere DROP udp -- anywhere anywhere multiport dports loc-srv,microsoft-ds DROP udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn DROP udp -- anywhere anywhere udp spt:netbios-ns dpts:1024:65535 DROP tcp -- anywhere anywhere multiport dports loc-srv,netbios-ssn,microsoft-ds DROP udp -- anywhere anywhere udp dpt:1900 dropNotSyn tcp -- anywhere anywhere DROP udp -- anywhere anywhere udp spt:domain Chain Reject (4 references) target prot opt source destination reject tcp -- anywhere anywhere tcp dpt:auth dropBcast all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp fragmentation-needed ACCEPT icmp -- anywhere anywhere icmp time-exceeded dropInvalid all -- anywhere anywhere reject udp -- anywhere anywhere multiport dports loc-srv,microsoft-ds reject udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn reject udp -- anywhere anywhere udp spt:netbios-ns dpts:1024:65535 reject tcp -- anywhere anywhere multiport dports loc-srv,netbios-ssn,microsoft-ds DROP udp -- anywhere anywhere udp dpt:1900 dropNotSyn tcp -- anywhere anywhere DROP udp -- anywhere anywhere udp spt:domain Chain all2all (0 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED Reject all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix `Shorewall:all2all:REJECT:' reject all -- anywhere anywhere Chain dropBcast (2 references) target prot opt source destination DROP all -- anywhere anywhere PKTTYPE = broadcast DROP all -- anywhere anywhere PKTTYPE = multicast Chain dropInvalid (2 references) target prot opt source destination DROP all -- anywhere anywhere state INVALID Chain dropNotSyn (2 references) target prot opt source destination DROP tcp -- anywhere anywhere tcp flags:!FIN,SYN,RST,ACK/SYN Chain dynamic (2 references) target prot opt source destination Chain eth0_fwd (1 references) target prot opt source destination dynamic all -- anywhere anywhere state INVALID,NEW smurfs all -- anywhere anywhere state INVALID,NEW tcpflags tcp -- anywhere anywhere Chain eth0_in (1 references) target prot opt source destination dynamic all -- anywhere anywhere state INVALID,NEW smurfs all -- anywhere anywhere state INVALID,NEW ACCEPT udp -- anywhere anywhere udp dpts:bootps:bootpc tcpflags tcp -- anywhere anywhere net2fw all -- anywhere anywhere Chain eth0_out (1 references) target prot opt source destination ACCEPT udp -- anywhere anywhere udp dpts:bootps:bootpc fw2net all -- anywhere anywhere Chain fw2net (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain logdrop (0 references) target prot opt source destination LOG all -- anywhere anywhere LOG level info prefix `Shorewall:logdrop:DROP:' DROP all -- anywhere anywhere Chain logflags (5 references) target prot opt source destination LOG all -- anywhere anywhere LOG level info prefix `Shorewall:logflags:DROP:' DROP all -- anywhere anywhere Chain logreject (0 references) target prot opt source destination LOG all -- anywhere anywhere LOG level info prefix `Shorewall:logreject:REJECT:' reject all -- anywhere anywhere Chain net2all (0 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED Drop all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix `Shorewall:net2all:DROP:' DROP all -- anywhere anywhere Chain net2fw (1 references) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED reject icmp -- anywhere anywhere icmp echo-request ACCEPT tcp -- anywhere anywhere tcp dpt:www ACCEPT tcp -- anywhere anywhere tcp dpt:ssh Drop all -- anywhere anywhere LOG all -- anywhere anywhere LOG level info prefix `Shorewall:net2fw:DROP:' DROP all -- anywhere anywhere Chain reject (12 references) target prot opt source destination DROP all -- anywhere anywhere PKTTYPE = broadcast DROP all -- anywhere anywhere PKTTYPE = multicast DROP all -- 255.255.255.255 anywhere DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere REJECT tcp -- anywhere anywhere reject-with tcp-reset REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable REJECT icmp -- anywhere anywhere reject-with icmp-host-unreachable REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain shorewall (0 references) target prot opt source destination Chain smurfs (2 references) target prot opt source destination LOG all -- 255.255.255.255 anywhere LOG level info prefix `Shorewall:smurfs:DROP:' DROP all -- 255.255.255.255 anywhere LOG all -- BASE-ADDRESS.MCAST.NET/4 anywhere LOG level info prefix `Shorewall:smurfs:DROP:' DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere Chain tcpflags (2 references) target prot opt source destination logflags tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG logflags tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE logflags tcp -- anywhere anywhere tcp flags:SYN,RST/SYN,RST logflags tcp -- anywhere anywhere tcp flags:FIN,SYN/FIN,SYN logflags tcp -- anywhere anywhere tcp spt:0 flags:FIN,SYN,RST,ACK/SYN |
Hmm, made a few tests with my friends today and it looks like it works ^.^ Whatever you guys did to me seemed to make its magic. Thanks all !
|
these routers are junk :(
I am struggling with one as well. I am no beginner, I am an experienced Unix & Linux sysadmin. The problem is simply that some computers don't show up on the router's list, so there's no way to set up NAT for them because the setting is not by IP address but by the name on the list. The list is somehow dynamically discovered by the router, and I have no clue what it is my Linux box has to do to be noticed. Maybe something to do with SNMP? Or NetBIOS? I did a tcpdump on the Linux box and I see the router continually sends ARP requests, 1 per second. When my box receives one of these it replies properly with its MAC address, so that makes it even weirder that it's not included in the list.
If anyone has figured out how to make this piece of *@%# behave, please help. i |
| All times are GMT -5. The time now is 12:17 AM. |