Hi people, my client PCs are having a problem connecting to Google ever since I added some rules in my iptables. Here are my rules:
Quote:
# Generated by iptables-save v1.4.7 on Fri Jan 11 14:42:42 2013
*nat
:PREROUTING ACCEPT [51:3684]
:POSTROUTING ACCEPT [6:477]
:OUTPUT ACCEPT [13:1058]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
# Completed on Fri Jan 11 14:42:42 2013
# Generated by iptables-save v1.4.7 on Fri Jan 11 14:42:42 2013
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2:136]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -p icmp -m icmp --icmp-type 8 -j DROP
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o eth1 -j ACCEPT
-I FORWARD -m string --algo bm --string "facebook.com" -j DROP
-I FORWARD -m string --algo bm --string "utorrent.com" -j DROP
-I FORWARD -m string --algo bm --string "bittorrent.com" -j DROP
-I FORWARD -m string --algo bm --string "frostwire.com" -j DROP
-I FORWARD -m string --algo bm --string "bearshare.com" -j DROP
-I FORWARD -m string --algo bm --string "4shared.com" -j DROP
-I FORWARD -m string --algo bm --string "filestube.com" -j DROP
-A OUTPUT -p tcp -m tcp --dport 25 -j ACCEPT
COMMIT
# Completed on Fri Jan 11 14:42:42 2013
The string rules in the FORWARD chain are what I added lately.
The rules did block those specified sites, but then the clients were unable to Google search after I added those rules.
I'm a noob to Linux, so I decided to ask for help again, guys...
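
An added example, not part of the original post: a simplified model of the `-m string` rules quoted above. The match looks for its pattern anywhere in a forwarded packet, so a packet to or from another site that merely mentions a listed domain is dropped as well. The sample packets and function names are constructed for illustration, and the Host-header check is a hypothetical narrower policy shown only for comparison.

```python
# Simplified model of iptables "-m string": the pattern is searched for
# anywhere in the packet bytes, case-sensitively, in either direction.
BLOCKED = [b"facebook.com", b"utorrent.com", b"bittorrent.com", b"frostwire.com",
           b"bearshare.com", b"4shared.com", b"filestube.com"]

def string_match_verdict(packet: bytes) -> str:
    """Mimic the '-I FORWARD -m string --string X -j DROP' rules from the post."""
    return "DROP" if any(p in packet for p in BLOCKED) else "ACCEPT"

def http_host(packet: bytes):
    """Return the lower-cased Host header of an HTTP request, else None."""
    head = packet.split(b"\r\n\r\n", 1)[0].split(b"\r\n")
    if head[0].split(b" ", 1)[0] not in (b"GET", b"POST", b"HEAD"):
        return None  # not a request (e.g. a response coming back)
    for line in head[1:]:
        name, _, value = line.partition(b":")
        if name.strip().lower() == b"host":
            return value.strip().lower()
    return None

def host_only_verdict(packet: bytes) -> str:
    """Hypothetical narrower policy: drop only requests addressed to a listed site."""
    host = http_host(packet)
    if host and any(host == p or host.endswith(b"." + p) for p in BLOCKED):
        return "DROP"
    return "ACCEPT"

# Constructed sample packets (HTTP payload only).
SAMPLES = {
    "blocked site request":
        b"GET / HTTP/1.1\r\nHost: www.facebook.com\r\n\r\n",
    "search naming a blocked site":
        b"GET /search?q=facebook.com+login HTTP/1.1\r\nHost: www.google.com\r\n\r\n",
    "results page linking a blocked site":
        b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
        b"<a href=\"http://www.4shared.com/\">4shared</a>",
    "unrelated search":
        b"GET /search?q=iptables HTTP/1.1\r\nHost: www.google.com\r\n\r\n",
}

def compare():
    """Map each sample to (string-match verdict, host-only verdict)."""
    return {name: (string_match_verdict(p), host_only_verdict(p))
            for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, (s, h) in compare().items():
        print(f"{name:38} string-match={s:6} host-only={h}")
```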