RageD
06-02-2008 01:15 PM
IPTable not working!
Ok. I am running a PopTop server and all was well until I rebooted. iptables had all these reject rules so I did this:
Code:
[root@vpnserver1 ~]# iptables -F
[root@vpnserver1 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Now, I try to run some commands to forward the ports again:
Code:
[root@vpnserver1 ~]# iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 1723 -j DNAT --to PUBLIC_IP
iptables -t nat -A PREROUTING -i eth0 -p 47 -j DNAT --to PUBLIC_IP
iptables -t nat -A POSTROUTING -s 169.254.0.1 -j SNAT --to SERVER_PUBLIC_IP
iptables -t nat -A POSTROUTING -s 169.254.0.2 -j SNAT --to PUBLIC_IP
[root@vpnserver1 ~]# iptables -t nat -A PREROUTING -i eth0 -p 47 -j DNAT --to PUBLIC_IP
[root@vpnserver1 ~]# iptables -t nat -A POSTROUTING -s 169.254.0.1 -j SNAT --to SERVER_PUBLIC_IP
[root@vpnserver1 ~]# iptables -t nat -A POSTROUTING -s 169.254.0.2 -j SNAT --to PUBLIC_IP
I then again run the check on iptables:
Code:
[root@vpnserver1 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap50 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap50 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap49 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap49 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap48 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap48 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap47 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap47 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap46 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap46 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap45 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap45 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap44 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap44 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap43 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap43 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap42 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap42 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap41 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap41 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap40 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap40 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap39 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap39 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap38 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap38 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap37 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap37 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap36 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap36 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap35 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap35 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap34 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap34 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap33 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap33 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap32 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap32 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap31 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap31 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap30 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap30 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap29 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap29 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap28 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap28 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap27 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap27 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap26 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap26 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap25 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap25 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap24 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap24 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap23 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap23 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap22 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap22 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap21 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap21 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap20 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap20 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap19 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap19 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap18 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap18 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap17 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap17 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap16 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap16 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap15 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap15 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap14 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap14 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap13 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap13 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap12 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap12 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap11 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap11 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap10 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap10 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap9 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap9 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap8 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap8 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap7 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap7 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap6 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap6 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap5 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap5 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap4 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap4 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap3 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap3 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap2 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap2 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap1 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap1 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT tcp -- anywhere anywhere PHYSDEV match --physdev-out tap0 tcp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
REJECT udp -- anywhere anywhere PHYSDEV match --physdev-out tap0 udp dpts:epmap:netbios-ssn reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
It spits the same output it had BEFORE I ran iptables -F!
Any ideas?
-RageD
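An added example, not part of the original post: `iptables -L` and `iptables -F` operate on the filter table unless `-t` is given, so rules added with `-t nat` do not appear in a plain `iptables -L` listing. The script below summarizes rules per table from `iptables-save`-format text; the sample ruleset is constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (not taken from the poster's host).
# PUBLIC_IP and SERVER_PUBLIC_IP are the post's own placeholders.
sample_ruleset() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 1723 -j DNAT --to-destination PUBLIC_IP
-A PREROUTING -i eth0 -p 47 -j DNAT --to-destination PUBLIC_IP
-A POSTROUTING -s 169.254.0.1 -j SNAT --to-source SERVER_PUBLIC_IP
-A POSTROUTING -s 169.254.0.2 -j SNAT --to-source PUBLIC_IP
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -p tcp -m physdev --physdev-out tap0 -m tcp --dport 135:139 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -p udp -m physdev --physdev-out tap0 -m udp --dport 135:139 -j REJECT --reject-with icmp-port-unreachable
COMMIT
EOF
}

# Read iptables-save text on stdin and print one line per
# (table, chain, target) with the number of rules, sorted.
summarize_rules() {
    awk '
        /^\*/  { table = substr($0, 2); next }   # "*nat" opens a table section
        /^-A / {
            target = "-"                          # rule with no -j target
            for (i = 3; i < NF; i++) if ($i == "-j") target = $(i + 1)
            count[table " " $2 " " target]++
        }
        END { for (k in count) print k, count[k] }' | sort
}

# Count the rules that belong to one table: count_rules TABLE < ruleset
count_rules() {
    summarize_rules | awk -v t="$1" '$1 == t { n += $4 } END { print n + 0 }'
}

# The nat and filter rules are reported separately, one line per group.
sample_ruleset | summarize_rules
```

On a live host, run `iptables-save | summarize_rules` as root before and after a change and compare the two summaries to see which table actually changed.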