LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 12-15-2004, 04:05 PM   #1
intranet_man
LQ Newbie
 
Registered: Dec 2004
Distribution: RHEL 3/4, Fedora 3, dynebolic, Knoppix
Posts: 22

Rep: Reputation: 15
iptables and routing tables configuration


I'm definitely a noob when it comes to iptables and am having some problems getting the firewall to accept any sort of incoming or outgoing packets. My setup is as follows: Four NICS:

1/ External Device = eth0
2/ Internal Network = eth1
3/ DMZ1 = eth2
4/ DMZ2 = eth3

At the moment I commented out all the traffic routing for DMZ1 and DMZ2 as I simply want to test the external to internal and internal to external. When the iptables service is off I can ping my router, the external nic, outside hosts and inside hosts. When the iptables service is on I can ping my localhost on both the external and internal ip address. My routing table is as follows (for example):

Source - Gateway - Netmask
Router External - * - A.B.C.D
Internal Network - External Network (router side) - A.B.0.0

127.0.0.0 - * - 255.0.0.0
default - External Network - A.B.C.D


Below is my iptables-config. This is a modified version of the firewall included in Red Hat Linux Firewalls by Bill McCarty:

# Additional iptables modules (nat helper)
# Default: -empty-
#IPTABLES_MODULES="ip_nat_ftp"

# Save current firewall rules on stop.
# Value: yes|no, default: no
#IPTABLES_SAVE_ON_STOP="no"

# Save current firewall rules on restart.
# Value: yes|no, default: no
#IPTABLES_SAVE_ON_RESTART="no"

# Save (and restore) rule counter.
# Value: yes|no, default: no
#IPTABLES_SAVE_COUNTER="no"

# Numeric status output
# Value: yes|no, default: no
#IPTABLES_STATUS_NUMERIC="no"

#
#
# Network firewall for Executive Director
# Modified from Bill McCarty's Screen Network Firewall
#
#
#
# This firewall connects four neworks:
# 1. External Internet
# 2. Internal Network
# 3. DMZ1
# 4. DMZ2
#
#===============================================================
# My Network
#===============================================================

# External network exposed to the Internet
EXT_DEV=eth0
EXT_IP="" #Firewall Eth0 IP
EXT_BASE=""
EXT_BCAST=""
EXT_GATE="" #Router LAN IP

# Internal network
INT_DEV=eth1
INT_IP=""
INT_BASE=""
INT_BCAST=""
INT_NET=""

# DMZ One for services used by outside clients
#DMZ1_DEV=eth2
#DMZ1_IP=""
#DMZ1_BASE=""
#DMZ1_BCAST=""
#DMZ1_NET=""

# DMZ Special Tasks
#DMZ2_DEV=eth3
#DMZ2_IP=""
#DMZ2_BASE=""
#DMZ2_BCAST=""
#DMZ2_NET=""

# IP addresses of hosts/networks allowed to SSH into firewall
SSH="0.0.0.0"

# IP addresses of public servers
SMTP_IP=""
SMTP_EIP=""
DNS_IP=""
DNS_EIP=""
CITRIX_IP=""
CITRIX_EIP=""

# IP address of hosts/networks not to communicate with
SHUN=""

# The following are never legitmate outside IP addresses. They
# should always be considered bad IP address
#BAD_IP="$EXT_BASE $EXT_BCAST $INT_BASE $INT_BCAST $DMZ1_BASE #$DMZ1_BCAST $DMZ2_BASE $DMZ2BCAST 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 #169.254.0.0/16 192.0.2.0/24 224.0.0.0/4 240.0.0.0/5 255.255.255.255"

BAD_IP="$EXT_BASE $EXT_BCAST $INT_BASE $INT_BCAST 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 192.0.2.0/24 224.0.0.0/4 240.0.0.0/5 255.255.255.255"

IPT=/sbin/iptables
LOGOPT="--log-level=3 -m limit --limit 3/minute --limit-burst 3"
SYNOPT="-m limit --limit 5/second --limit-burst 10"

#===============================================================
#Clear the existing firewall rules
#===============================================================

if [ ! -x $IPT ]
then
echo "firewall: cannot execute $IPTABLES"
exit 1
fi

$IPT -F #Flush all rules in filter table
$IPT -F INPUT #Flush built-in rules
$IPT -F OUTPUT #Flush built-in rules
$IPT -F FORWARD #Flush built-in rules
$IPT -F -t mangle #Flush rules/delete user chains in mangle table
$IPT -t mangle -X #Flush rules/delete user chains in mangle table
$IPT -X #Delete all chains
$IPT -P INPUT DROP #set default policy to drop
$IPT -P OUTPUT DROP #set default policy to drop
$IPT -P FORWARD DROP #Set default policy to drop


for table in filter nat mangle
do
$IPT -t $table -F #Delete the table's rules
$IPT -t $table -X #Delete the table's chains
$IPT -t $table -Z #Zero the table's counters
done

#===============================================================
# Bad TCP Flags
#===============================================================

$IPT -N BADFLAGS
$IPT -A BADFLAGS -j LOG --log-prefix "IPT BADFLAGS: " $LOGOPT
$IPT -A BADFLAGS -j DROP

#===============================================================
# TCP Flag Validation
#============================================================================

$IPT -N TCP_FLAGS
$IPT -A TCP_FLAGS -p tcp --tcp-flags ACK,FIN FIN -j BADFLAGS
$IPT -A TCP_FLAGS -p tcp --tcp-flags ACK,PSH PSH -j BADFLAGS
$IPT -A TCP_FLAGS -p tcp --tcp-flags ACK,URG URG -j BADFLAGS
$IPT -A TCP_FLAGS -p tcp --tcp-flags FIN,RST FIN,RST -j BADFLAGS
$IPT -A TCP_FLAGS -p tcp --tcp-flags SYN,FIN SYN,FIN -j BADFLAGS
$IPT -A TCP_FLAGS -p tcp --tcp-flags SYN,RST SYN,RST -j BADFLAGS
$IPT -A TCP_FLAGS -p tcp --tcp-flags ALL ALL -j BADFLAGS
$IPT -A TCP_FLAGS -p tcp --tcp-flags ALL NONE -j BADFLAGS
$IPT -A TCP_FLAGS -p tcp --tcp-flags ALL FIN,PSH,URG -j BADFLAGS
$IPT -A TCP_FLAGS -p tcp --tcp-flags ALL SYN,FIN,PSH,URG -j BADFLAGS
$IPT -A TCP_FLAGS -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j BADFLAGS

#============================================================================
# SYN Flood Protection
#============================================================================

$IPT -N SYN_FLOOD
$IPT -A SYN_FLOOD -p tcp --syn $SYNOPT -j RETURN
$IPT -A SYN_FLOOD -p ! tcp -j RETURN
$IPT -A SYN_FLOOD -p tcp ! --syn -j RETURN
$IPT -A SYN_FLOOD -j LOG --log-prefix "IPT SYN_FLOOD: " $LOGOPT
$IPT -A SYN_FLOOD -j DROP

#============================================================================
# Bad IP Chain
#============================================================================

$IPT -N BAD_IP
$IPT -A BAD_IP -j LOG --log-prefix "IPT BAD_IP: " $LOGOPT
$IPT -A BAD_IP -j DROP

#============================================================================
# Shunned Hosts/Networks
#============================================================================

$IPT -N SHUN
for ip in $SHUN; do
$IPT -A SHUN -s $ip -j BAD_IP
$IPT -A SHUN -d $ip -j BAD_IP
done

#============================================================================
# Inbound IP Checks
#============================================================================

$IPT -N IN_IP_CHECK
for sip in $BADSIP
do
$IPT -A IN_IP_CHECK -s $sip -j BAD_IP
done
# External NIC
$IPT -A IN_IP_CHECK -i $EXT_DEV -s $EXT_IP -j BAD_IP
$IPT -A IN_IP_CHECK -i $EXT_DEV -s $INT_NET -j BAD_IP
$IPT -A IN_IP_CHECK -i $EXT_DEV -s $DMZ1_NET -j BAD_IP
$IPT -A IN_IP_CHECK -i $EXT_DEV -s $DMZ2_NET -j BAD_IP
# Internal NIC
$IPT -A IN_IP_CHECK -i $INT_DEV -s $INT_IP -j BAD_IP
$IPT -A IN_IP_CHECK -i $INT_DEV -s $EXT_IP -j BAD_IP
#$IPT -A IN_IP_CHECK -i $INT_DEV -s $DMZ1_IP -j BAD_IP
#$IPT -A IN_IP_CHECK -i $INT_DEV -s $DMZ2_IP -j BAD_IP
# DMZ1 NIC
#$IPT -A IN_IP_CHECK -i $DMZ1_DEV -s $DMZ1_IP -j BAD_IP
#$IPT -A IN_IP_CHECK -i $DMZ1_DEV -s $EXT_IP -j BAD_IP
#$IPT -A IN_IP_CHECK -i $DMZ1_DEV -s $INT_IP -j BAD_IP
#$IPT -A IN_IP_CHECK -i $DMZ1_DEV -s $DMZ2_IP -j BAD_IP
## DMZ2 NIC
#$IPT -A IN_IP_CHECK -i $DMZ2_DEV -s $DMZ2_IP -j BAD_IP
#$IPT -A IN_IP_CHECK -i $DMZ2_DEV -s $EXT_IP -j BAD_IP
#$IPT -A IN_IP_CHECK -i $DMZ2_DEV -s $INT_IP -j BAD_IP
#$IPT -A IN_IP_CHECK -i $DMZ2_DEV -s $DMZ1_IP -j BAD_IP



#============================================================================
# Outbound IP Checks
#============================================================================

$IPT -N OUT_IP_CHECK
for dip in $BADIP
do
$IPT -A OUT_IP_CHECK -d $dip -j BAD_IP
done
$IPT -A OUT_IP_CHECK -o $EXT_DEV -s $EXT_IP -j RETURN
$IPT -A OUT_IP_CHECK -o $INT_DEV -s $INT_IP -j RETURN
#$IPT -A OUT_IP_CHECK -o $DMZ1_DEV -s $DMZ1_IP -j RETURN
#$IPT -A OUT_IP_CHECK -o $DMZ2_DEV -s $DMZ2_IP -j RETURN
$IPT -A OUT_IP_CHECK -j BAD_IP

#============================================================================
# Inbound ICMP
#============================================================================

$IPT -N IN_ICMP
for sip in $PING; do
$IPT -A IN_ICMP -p icmp --icmp-type echo-request -s $sip -j ACCEPT
$IPT -A IN_ICMP -p icmp --icmp-type echo-reply -s $sip -j ACCEPT
done
$IPT -A IN_ICMP -p icmp --icmp-type destination-unreachable -j ACCEPT
$IPT -A IN_ICMP -p icmp --icmp-type source-quench -j ACCEPT
$IPT -A IN_ICMP -p icmp --icmp-type time-exceeded -j ACCEPT
$IPT -A IN_ICMP -p icmp --icmp-type parameter-problem -j ACCEPT
$IPT -A IN_ICMP -j LOG --log-prefix "IPT In ICMP: " $LOGOPT
$IPT -A IN_ICMP -j DROP # PROBLEM LINE!!!!

#============================================================================
# Outbound ICMP
#============================================================================

$IPT -N OUT_ICMP
for dip in $PING; do
$IPT -A OUT_ICMP -p icmp --icmp-type echo-request -s $dip -j ACCEPT
$IPT -A OUT_ICMP -p icmp --icmp-type echo-reply -s $dip -j ACCEPT
done
#
# For a less courteous, but potentially more secure, firewall, replace
# destination-unreachable by fragmentation-needed in the following rule.
#
$IPT -A OUT_ICMP -p icmp --icmp-type destination-unreachable -j ACCEPT
$IPT -A OUT_ICMP -p icmp --icmp-type source-quench -j ACCEPT
#
# For a less courteous, but potentially more secure, firewall, delete
# the following rule.
#
$IPT -A OUT_ICMP -p icmp --icmp-type parameter-problem -j ACCEPT
$IPT -A OUT_ICMP -j LOG --log-prefix "IPT Out ICMP: " $LOGOPT
$IPT -A OUT_ICMP -j DROP

#============================================================================
# Destination NAT
#============================================================================

# Translates external email IP to internal email IP

$IPT -t nat -A PREROUTING -i $EXT_DEV -p tcp -d $SMTP_EIP --dport 25 -j DNAT --to-destination $SMTP_IP

# Translates external DNS IP to internal DNS IP
$IPT -t nat -A PREROUTING -i $EXT_DEV -p udp -d $DNS_EIP --dport 53 -j DNAT --to-destination $DNS_IP

# Translates external Citrix IP to internal Citrix IP
$IPT -t nat -A PREROUTING -i $EXT_DEV -p tcp -d $CITRIX_EIP --dport 1494 -j DNAT --to-destination $CITRIX_IP


#============================================================================
# Source NAT
#============================================================================

$IPT -t nat -A POSTROUTING -o $EXT_DEV -j SNAT --to-source $EXT_IP

# $IPT -t nat -A POSTROUTING -o $EXT_DEV -s $SMTP_IP -j SNAT --to-source #SMTP_EIP
# $IPT -t nat -A POSTROUTING -o $EXT_DEV -s $DNS_IP -j SNAT --to-source #DNS_EIP
# $IPT -t nat -A POSTROUTING -o $EXT_DEV -s $CITRIX_IP -j SNAT --to-source #CITRIX_EIP

#============================================================================
# Inbound traffic to protected network
#============================================================================

$IPT -N IN_NETWORK
#$IPT -A IN_NETWORK -p icmp -j IN_ICMP
#$IPT -A IN_NETWORK -p tcp -j TCP_FLAGS
#$IPT -A IN_NETWORK -p tcp --syn -j SYN_FLOOD
#$IPT -A IN_NETWORK -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
#$IPT -A IN_NETWORK -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT

#if [ "$STMP_IP" != "" ]
#then
$IPT -A IN_NETWORK -p tcp --syn -d $SMTP_IP --dport 25 -j ACCEPT
#fi

#if [ "DNS_IP" != "" ]
#then
$IPT -A IN_NETWORK -p udp -d $DNS_IP --dport 53 -j ACCEPT
#fi

#if [ "$CITRIX_IP" != "" ]
#then
$IPT -A IN_NETWORK -p tcp --syn -d $CITRIX_IP -j ACCEPT
#fi

#============================================================================
# Outbound traffic from protected network
#============================================================================

$IPT -N OUT_NETWORK
$IPT -A OUT_NETWORK -p icmp -j OUT_ICMP
$IPT -A OUT_NETWORK -p tcp -j TCP_FLAGS
$IPT -A OUT_NETWORK -m state --state ESTABLISHED,RELATED -j ACCEPT

# The followed rules allow clients on protected networks to connect to
# remote services.

$IPT -A OUT_NETWORK -m state --state NEW -p tcp --dport 21 -j ACCEPT # ftp
$IPT -A OUT_NETWORK -m state --state NEW -p tcp --dport 22 -j ACCEPT # ssh
$IPT -A OUT_NETWORK -m state --state NEW -p tcp --dport 23 -j ACCEPT # telnet
$IPT -A OUT_NETWORK -m state --state NEW -p tcp --dport 25 -j ACCEPT # smtp
$IPT -A OUT_NETWORK -m state --state NEW -p tcp --dport 80 -j ACCEPT # http
$IPT -A OUT_NETWORK -m state --state NEW -p tcp --dport 443 -j ACCEPT # https
$IPT -A OUT_NETWORK -m state --state NEW -p tcp --dport 1494 -j ACCEPT # citrix
$IPT -A OUT_NETWORK -m state --state NEW -p tcp --dport 5900 -j ACCEPT # VNC
$IPT -A OUT_NETWORK -m state --state NEW -p udp --dport 53 -j ACCEPT # dns


#============================================================================
# Inbound traffic to firewall host
#============================================================================

$IPT -N IN_FIREWALL
$IPT -A IN_FIREWALL -p icmp -j IN_ICMP
$IPT -A IN_FIREWALL -p tcp -j TCP_FLAGS
$IPT -A IN_FIREWALL -p tcp --syn -j SYN_FLOOD
$IPT -A IN_FIREWALL -j IN_IP_CHECK
$IPT -A IN_FIREWALL -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A IN_FIREWALL -m state --state ESTABLISHED,RELATED -j ACCEPT

#for sip in $SSH
#do
# $IPT -A IN_FIREWALL -p tcp -s $sip -dport 22 -m state --state NEW -j ACCEPT
#done
$IPT -A IN_FIREWALL -j LOG --log-prefix "IPT IN_FIREWALL: " $LOGOPT
$IPT -A IN_FIREWALL -j DROP

#============================================================================
# Outbound traffic from firewall host
#============================================================================

$IPT -N OUT_FIREWALL
#$IPT -A OUT_FIREWALL -p icmp -j OUT_ICMP
#$IPT -A OUT_FIREWALL -p tcp -j TCP_FLAGS
#$IPT -A OUT_FIREWALL -m state --state ESTABLISHED,RELATED -j ACCEPT
#$IPT -A OUT_FIREWALL -j OUT_IP_CHECK

# The following rules enable clients on the firewall host to connect to remote
# servers.

$IPT -A OUT_FIREWALL -m state --state NEW -p tcp --dport 21 -j ACCEPT # ftp
$IPT -A OUT_FIREWALL -m state --state NEW -p tcp --dport 22 -j ACCEPT # ssh
$IPT -A OUT_FIREWALL -m state --state NEW -p tcp --dport 25 -j ACCEPT # smtp
$IPT -A OUT_FIREWALL -m state --state NEW -p tcp --dport 80 -j ACCEPT # http
$IPT -A OUT_FIREWALL -m state --state NEW -p tcp --dport 443 -j ACCEPT # https
$IPT -A OUT_FIREWALL -m state --state NEW -p tcp --dport 1494 -j ACCEPT # citrix
$IPT -A OUT_FIREWALL -m state --state NEW -p udp --dport 53 -j ACCEPT # dns

$IPT -A OUT_FIREWALL -j LOG --log-prefix "IPT OUT_FIREWALL: " $LOGOPT
$IPT -A OUT_FIREWALL -j DROP

#============================================================================
# Main Firewall Rules
#============================================================================

$IPT -A FORWARD -j SHUN
$IPT -A FORWARD -i $EXT_DEV -j IN_NETWORK
$IPT -A FORWARD -i $INT_DEV -j OUT_NETWORK
#$IPT -A FORWARD -i $DMZ1_DEV -j OUT_NETWORK
#$IPT -A FORWARD -i $DMZ2_DEV -j OUT_NETWORK
$IPT -A FORWARD -j LOG --log-prefix "IPT FORWARD: " $LOGOPT
$IPT -A FORWARD -j DROP

$IPT -A INPUT -j SHUN
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A INPUT -j IN_FIREWALL
$IPT -A INPUT -j LOG --log-prefix "IPT INPUT: " $LOGOPT
$IPT -A INPUT -j DROP

$IPT -A OUTPUT -j SHUN
$IPT -A OUTPUT -o lo -j ACCEPT
$IPT -A OUTPUT -j OUT_FIREWALL
$IPT -A OUTPUT -j LOG --log-prefix "IPT OUTPUT: " $LOGOPT
$IPT -A OUTPUT -j DROPRed Hat Linux Firewalls

Any help would be much appreciated

Last edited by intranet_man; 12-15-2004 at 04:14 PM.
 
Old 12-15-2004, 05:18 PM   #2
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
Uncomment the last 2 lines and the 2nd line..
You have a DROP policy which means everything needs to be specifically ACCEPTed..
This allows icmp, tcp & udp to come in..

#============================================================================
# Inbound traffic to protected network
#============================================================================

$IPT -N IN_NETWORK
#$IPT -A IN_NETWORK -p icmp -j IN_ICMP
#$IPT -A IN_NETWORK -p tcp -j TCP_FLAGS
#$IPT -A IN_NETWORK -p tcp --syn -j SYN_FLOOD
#$IPT -A IN_NETWORK -p tcp -m state --state ESTABLISHED,RELATED -j ACCEPT
#$IPT -A IN_NETWORK -p udp -m state --state ESTABLISHED,RELATED -j ACCEPT

and uncomment all these rules for the same reason..
There will always be packets the firewall will generate itself.

#============================================================================
# Outbound traffic from firewall host
#============================================================================

$IPT -N OUT_FIREWALL
#$IPT -A OUT_FIREWALL -p icmp -j OUT_ICMP
#$IPT -A OUT_FIREWALL -p tcp -j TCP_FLAGS
#$IPT -A OUT_FIREWALL -m state --state ESTABLISHED,RELATED -j ACCEPT
#$IPT -A OUT_FIREWALL -j OUT_IP_CHECK

The last line in IN_FIREWALL looks like an unecessary duplication..

#============================================================================
# Inbound traffic to firewall host
#============================================================================

$IPT -N IN_FIREWALL
$IPT -A IN_FIREWALL -p icmp -j IN_ICMP
$IPT -A IN_FIREWALL -p tcp -j TCP_FLAGS
$IPT -A IN_FIREWALL -p tcp --syn -j SYN_FLOOD
$IPT -A IN_FIREWALL -j IN_IP_CHECK
$IPT -A IN_FIREWALL -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A IN_FIREWALL -m state --state ESTABLISHED,RELATED -j ACCEPT
 
Old 12-16-2004, 02:29 PM   #3
intranet_man
LQ Newbie
 
Registered: Dec 2004
Distribution: RHEL 3/4, Fedora 3, dynebolic, Knoppix
Posts: 22

Original Poster
Rep: Reputation: 15
Thanks

Thanks for the input. Conceptually wise, the changes you suggested make sense, however, they did not allow the firewall to function correctly.

I tried pinging the external nic on the router and that worked, pinging the localhost worked, pinging the internal firewall nic worked, and pinging the firewall external nic worked. However, anything within our outside still does not work.

Argh. I appreciate the assistance! Back to the drawing board.
 
Old 12-16-2004, 03:08 PM   #4
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,064
Blog Entries: 1

Rep: Reputation: 90
I think that's a little TOO long to experiment... even to try to understand. Why not try some simple rules in order to test and then go on with the full configuration?
 
Old 12-16-2004, 03:14 PM   #5
intranet_man
LQ Newbie
 
Registered: Dec 2004
Distribution: RHEL 3/4, Fedora 3, dynebolic, Knoppix
Posts: 22

Original Poster
Rep: Reputation: 15
long

That's what I'm working on right now. I figured I could break it down, but I wanted to see if I could just get it in place. Seemed pretty straighforward after the read, but now it seems like more of a headache than anything. I'll see how it goes and post back here after I work through smaller modules. Thanks!
 
Old 12-16-2004, 03:17 PM   #6
eantoranz
Senior Member
 
Registered: Apr 2003
Location: Costa Rica
Distribution: Kubuntu, Debian, Knoppix
Posts: 2,064
Blog Entries: 1

Rep: Reputation: 90
well... I wouldn't trim it. I would start from the beginning... I mean... in order to TEST, you shouldn't need a so-sofisticated configuration. What you need is a bunch of rules to get it "up and running", catch the concept and then try to fit it in that monster you typed in the first place.
 
Old 12-17-2004, 04:59 AM   #7
peter_robb
Senior Member
 
Registered: Feb 2002
Location: Szczecin, Poland
Distribution: Gentoo, Debian
Posts: 2,458

Rep: Reputation: 48
Once a script like yours has loaded, look at the results with iptables-save

This will show what is active...

Also have a look at this tutorial http://iptables-tutorial.frozentux.n...-tutorial.html
and the scripts at the end of the tutorial..
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
IP Routing Tables collern2 Linux - Security 1 05-23-2005 10:48 AM
routing tables or forwarding through IPTABLES razan Linux - Networking 7 03-24-2005 10:15 PM
two routing tables fugzi Linux - Networking 7 12-03-2004 06:02 PM
routing tables help hadoque Linux - Networking 0 08-28-2004 09:10 AM
An Important Q about routing tables and iptables!! Farhang Linux - Networking 2 07-26-2004 06:43 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 04:44 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration