Hey,
I'm new to this forum, and I hope I can make myself understood in describing the problem I am having.
The same settings and iptables (almost everything) are reinstalled from an Ubuntu that crashed, on a new machine.
The issue is with accessing https sites like wetransfer.com or mail.yahoo.com, but surprisingly gmail works... The internet is forwarded from my ISP to LAN, and the connection is on PPPoE. The same firewall was set, with a small renaming of the interfaces, which are now enp4s0 and enp5s1 instead of eth0 and eth1 and are used to access the internet.
When I try to access wetransfer from a local machine I get "establishing secure connection" in Chrome, and after that "the site took too long to respond" and it gives an error. On the machine all works well. All sites can be accessed.
My iptables -t nat is:
Code:
iptables -t nat -nvL
Chain PREROUTING (policy ACCEPT 83 packets, 6615 bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1977 to:192.168.0.2:5000
0 0 DNAT udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:1977 to:192.168.0.2:5000
Chain INPUT (policy ACCEPT 24 packets, 1455 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 68 packets, 4546 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 8 packets, 480 bytes)
pkts bytes target prot opt in out source destination
112 8442 MASQUERADE all -- * ppp0 0.0.0.0/0 0.0.0.0/0
while the rules, which are made to be as simple as possible, following several tutorials and searching for ideas, left me with the following:
Code:
iptables -nvL
Chain INPUT (policy ACCEPT 417 packets, 46085 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- * * 0.0.0.0/0 192.168.0.2 tcp dpt:1977 state NEW,RELATED,ESTABLISHED
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
23694 2708K ACCEPT all -- * * 192.168.0.0/24 0.0.0.0/0
41352 42M ACCEPT all -- * * 0.0.0.0/0 192.168.0.0/24
Chain OUTPUT (policy ACCEPT 353 packets, 53476 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- * * 192.168.0.2 0.0.0.0/0 udp spt:1977 state NEW,RELATED,ESTABLISHED
Chain Badflags (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5 LOG flags 0 level 4 prefix "Badflags: "
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain f2b-dos (0 references)
pkts bytes target prot opt in out source destination
18906 3783K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain f2b-pureftpd (0 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 175.11.211.170 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
I also have apache2 running. I thought of changing the port 443 from apache2 to make it run on 444, just to be sure that apache2 is not interfering... and still nothing.
Why aren't the web sites on https working? On my server I can run them and load them.
I had installed lynx to see if something is loaded, and information from them is loaded.
What am I missing?
Thanks