Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
I suggest that you append a log entry to the forward rule and then try the connection again. Check /var/log/message for what traffic is being dropped and add those ports to your forward rules. Then remove the log entry. You can drive yourself crazy blindly configuring iptables.
I notice you have a bunch of input rules. Those only apply to connections being made directly to the server. Is that what you want?
Are you trying to do IRC directly from this box, or is this box a firewall that you are trying to IRC through?
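One way to carry out the logging step suggested above, as an added example that is not part of the original posts: a temporary, rate-limited LOG rule on FORWARD and a summary of the destination ports it recorded. The log prefix, interface names and sample log lines are constructed for illustration.

```shell
#!/bin/sh
LOG_PREFIX="FWD-DEBUG: "   # constructed prefix (iptables allows up to 29 characters)

# Append a rate-limited LOG rule to the end of FORWARD (run as root).
# LOG is non-terminating: the packet continues to the chain policy, so this
# records only traffic that no earlier FORWARD rule accepted or dropped.
add_forward_log() {
    iptables -A FORWARD -m limit --limit 10/min -j LOG --log-prefix "$LOG_PREFIX"
}

# Delete the same rule once debugging is finished.
del_forward_log() {
    iptables -D FORWARD -m limit --limit 10/min -j LOG --log-prefix "$LOG_PREFIX"
}

# Read kernel log lines on stdin and print "count proto dport",
# most frequent first. Entries without a port (e.g. ICMP) are skipped.
summarize_forward_log() {
    grep -F "$LOG_PREFIX" |
    awk '{
        proto = ""; dpt = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^PROTO=/) proto = substr($i, 7)
            if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
        }
        if (proto != "" && dpt != "") n[proto " " dpt]++
    }
    END { for (k in n) print n[k], k }' |
    sort -k1,1nr -k3,3n
}

# Constructed sample of what the LOG target writes to the kernel log.
sample_log() {
cat <<'EOF'
Jan 12 10:15:01 fw kernel: FWD-DEBUG: IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.168.0.2 LEN=60 TTL=52 PROTO=TCP SPT=40112 DPT=1030 SYN
Jan 12 10:15:04 fw kernel: FWD-DEBUG: IN=eth0 OUT=eth1 SRC=198.51.100.7 DST=192.168.0.2 LEN=60 TTL=52 PROTO=TCP SPT=40112 DPT=1030 SYN
Jan 12 10:15:09 fw sshd[812]: Accepted publickey for admin from 192.168.0.5
Jan 12 10:16:30 fw kernel: FWD-DEBUG: IN=eth1 OUT=eth0 SRC=192.168.0.2 DST=203.0.113.9 LEN=60 TTL=63 PROTO=TCP SPT=1031 DPT=6667 SYN
Jan 12 10:16:41 fw kernel: FWD-DEBUG: IN=eth1 OUT=eth0 SRC=192.168.0.2 DST=203.0.113.9 LEN=84 TTL=63 PROTO=ICMP TYPE=8 CODE=0
EOF
}

sample_log | summarize_forward_log
```

On a live system, feed the real kernel log to `summarize_forward_log` instead of `sample_log`, and call `del_forward_log` afterwards so the rule does not keep filling the log.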
Yes g-rod, the only connections I want made to the server are 1030 - 1033 which I am using for DCC. Along with 22 which I am using for ssh, everything else is dropped unless already established.
How would I go about appending a log entry to my forward rule?
Sorry I left this for so long, just didn't cross my mind to check back.
I can connect to IRC fine, that's not a problem, it's just I cannot send DCC, I can receive, just not send.
<irc-user> -:- DCC GET ("testing.txt") request from Kristijan[m33p@203.173.60.23419
<irc-user> [192.168.0.2:1030]] 16 bytes
The irc-user seems to see my internal ip address other than my external address. I take it that it's a NAT issue, just not sure on how to fix it. My rules are still the same as they were in post#1.
I removed all the forward rules though, they seemed to lag my web browsing for some reason.
EDIT: A friend was just telling me that there is a DCC NAT kernel module that might be useful in this type of problem, anyone had any experience with that?
Is the translation issue still a problem or is that resolved and you are still not connecting?
You might want to check out http://lists.debian.org/debian-firew.../msg00032.html
This is a quote from the end of that link:
"IMHO DCC uses random unprivports, so you have to enable all ports
between 1025 and 65535 for the target ip address. (which is quite
unsecure, so use it with care)"