Página 2 de 4 PrimeiroPrimeiro 1234 ÚltimoÚltimo
+ Responder ao Tópico



  1. #6
    AndrewAmorimdaSilva
    Não funcionou kara, será q tenho q restartar a máquina win ??? <IMG SRC="images/forum/icons/icon_confused.gif">

  2. num custa nda fazer isso... vc sabe como eh o ruwindows neh...
    depois posta as regras q vc ta usando aki



  3. #8
    AndrewAmorimdaSilva
    Kra, fiz o teste mas não funcionou.


    # Generated by iptables-save v1.2.5 on Thu Jan 9 08:21:40 2003
    *nat
    <IMG SRC="images/forum/icons/icon_razz.gif">REROUTING ACCEPT [3083378:446604114]
    <IMG SRC="images/forum/icons/icon_razz.gif">OSTROUTING ACCEPT [1415414:90128023]
    <IMG SRC="images/forum/icons/icon_eek.gif">UTPUT ACCEPT [1842537:131753433]
    -A POSTROUTING -s 192.168.7.0/255.255.255.0 -j MASQUERADE
    -A POSTROUTING -s 192.168.6.0/255.255.255.0 -j MASQUERADE
    -A POSTROUTING -s 192.168.5.0/255.255.255.0 -j MASQUERADE
    -A POSTROUTING -s 192.168.4.0/255.255.255.0 -j MASQUERADE
    -A POSTROUTING -s 192.168.3.0/255.255.255.0 -j MASQUERADE
    -A POSTROUTING -s 192.168.20.0/255.255.255.0 -j MASQUERADE
    -A POSTROUTING -s 192.168.1.0/255.255.255.0 -j MASQUERADE
    -A POSTROUTING -s 192.168.255.0/255.255.255.0 -j MASQUERADE
    COMMIT
    # Completed on Thu Jan 9 08:21:40 2003
    # Generated by iptables-save v1.2.5 on Thu Jan 9 08:21:40 2003
    *filter
    :INPUT ACCEPT [99921297:22792850838]
    :FORWARD DROP [258854:13203759]
    <IMG SRC="images/forum/icons/icon_eek.gif">UTPUT ACCEPT [108717383:62737070424]
    -A INPUT -d 200.xxx.xxx.xxx -p tcp -m tcp --dport 135 -j DROP
    -A INPUT -d 200.xxx.xxx.xxx -p tcp -m tcp --dport 136 -j DROP
    -A INPUT -d 200.xxx.xxx.xxx -p tcp -m tcp --dport 137 -j DROP
    -A INPUT -d 200.xxx.xxx.xxx -p tcp -m tcp --dport 138 -j DROP
    -A INPUT -d 200.xxx.xxx.xxx -p tcp -m tcp --dport 139 -j DROP
    -A INPUT -d 200.xxx.xxx.xxx -p tcp -m tcp --dport 111 -j LOG
    -A INPUT -d 200.xxx.xxx.xxx -p tcp -m tcp --dport 111 -j DROP
    -A INPUT -d 200.xxx.xxx.xxx -p tcp -m tcp --dport 3128 -j LOG
    -A INPUT -d 200.xxx.xxx.xxx -p tcp -m tcp --dport 3128 -j DROP
    -A FORWARD -s 192.168.1.0/255.255.255.0 -p tcp -m tcp --dport 110 -j ACCEPT
    -A FORWARD -s 192.168.1.0/255.255.255.0 -p tcp -m tcp --dport 25 -j ACCEPT
    -A FORWARD -s 192.168.6.0/255.255.255.0 -d 192.168.255.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.255.0/255.255.255.0 -d 192.168.6.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.3.0/255.255.255.0 -d 192.168.255.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.255.0/255.255.255.0 -d 192.168.3.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.1.0/255.255.255.0 -d 192.168.255.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.2.0/255.255.255.0 -d 192.168.255.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.4.0/255.255.255.0 -d 192.168.255.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.5.0/255.255.255.0 -d 192.168.255.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.255.0/255.255.255.0 -d 192.168.1.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.255.0/255.255.255.0 -d 192.168.2.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.255.0/255.255.255.0 -d 192.168.4.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.255.0/255.255.255.0 -d 192.168.5.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.0.0/255.255.255.0 -d 192.168.255.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.255.0/255.255.255.0 -d 192.168.0.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.20.0/255.255.255.0 -d 192.168.255.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.255.0/255.255.255.0 -d 192.168.20.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.7.0/255.255.255.0 -d 192.168.255.0/255.255.255.0 -j ACCEPT
    -A FORWARD -s 192.168.255.0/255.255.255.0 -d 192.168.7.0/255.255.255.0 -j ACCEPT
    -A FORWARD -d 200.245.20X.XXX -j ACCEPT
    -A FORWARD -d 200.245.20X.XXX -j ACCEPT
    -A FORWARD -s 200.245.20X.XXX -j ACCEPT
    -A FORWARD -s 200.245.20X.XXX -j ACCEPT
    -A FORWARD -s 200.211.2xx.5 -j ACCEPT
    -A FORWARD -d 200.211.2xx.5 -j ACCEPT
    -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m limit --limit 1/sec -j ACCEPT
    -A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j ACCEPT
    -A FORWARD -p icmp -m limit --limit 1/sec -m icmp --icmp-type 8 -j ACCEPT
    COMMIT
    # Completed on Thu Jan 9 08:21:40 2003

  4. bom parece q esta tudo certo faça 2 testes:

    1 - retire essas regras:
    -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST,ACK SYN -m limit --limit 1/sec -j ACCEPT
    -A FORWARD -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK RST -m limit --limit 1/sec -j ACCEPT
    -A FORWARD -p icmp -m limit --limit 1/sec -m icmp --icmp-type 8 -j ACCEPT

    2 - coloque como default do FORWARD como ACCEPT



  5. faz mais um teste tb acho q eh esse q vai resolver..
    iptables -A FORWARD -p all -s 0/0 -d 192.168.1.0 -j ACCEPT






Tópicos Similares

  1. Iptables + Outlook + Squid
    Por Westm no fórum Servidores de Rede
    Respostas: 9
    Último Post: 10-06-2008, 16:18
  2. Iptables + Outlook + Velox
    Por mjstudios no fórum Servidores de Rede
    Respostas: 0
    Último Post: 03-06-2008, 15:47
  3. Iptables + Outlook + Squid
    Por ZEDjjs no fórum Servidores de Rede
    Respostas: 20
    Último Post: 09-12-2004, 14:54
  4. iptables + outlook
    Por muganga no fórum Servidores de Rede
    Respostas: 12
    Último Post: 26-10-2004, 07:45
  5. iptables + outlook
    Por Victor.derrico no fórum Servidores de Rede
    Respostas: 1
    Último Post: 05-05-2004, 07:16

Visite: BR-Linux ·  VivaOLinux ·  Dicas-L