ja te ocorreu que a porta pode estar bloqueada na telefonica?
Versão Imprimível
ja te ocorreu que a porta pode estar bloqueada na telefonica?
Não acredito que a porta esteja bloqueada....mas testei com a 9000 e
o problema continua..
vai o script que utilizo.
#!/bin/sh
#/
###############################################################################
# #
# Script de inicialização de regras de firewall #
###############################################################################
# #
# Copyright (C) 2003 Free Software Foundation, Inc. #
# #
# This script is free software; you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation; either version 2, or (at your option) #
# any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You find more about GPL at http://www.gnu.org. #
# #
###############################################################################
IPTABLES="/usr/sbin/iptables"
EXIT_DEV="ppp0"
IPNET=`ifconfig ppp0 | grep "end.:" | awk '{ print $3 }' | cut -d: -f 2`
INPUT_DEV="192.168.0.254"
REDE_IP="192.168.0.0/24"
MAQWEB="192.168.0.2"
/sbin/insmod ip_tables
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "1" > /proc/sys/net/ipv4/ip_dynaddr
#
$IPTABLES -P INPUT ACCEPT
$IPTABLES -F INPUT
$IPTABLES -P OUTPUT ACCEPT
$IPTABLES -F OUTPUT
$IPTABLES -P FORWARD DROP
$IPTABLES -F FORWARD
$IPTABLES -t nat -F..
$IPTABLES -F
$IPTABLES -X
$IPTABLES -Z
$IPTABLES -L -v -n
#
$IPTABLES -N BLOCK
$IPTABLES -A BLOCK -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A BLOCK -m state --state NEW -i ! $EXIT_DEV -j ACCEPT
$IPTABLES -A BLOCK -j DROP
$IPTABLES -A INPUT
$IPTABLES -A INPUT -j BLOCK
$IPTABLES -A FORWARD -j BLOCK
#
$IPTABLES -A INPUT -p tcp --destination-port 8090 -j ACCEPT
$IPTABLES -I FORWARD -i ppp0 -p tcp --dport 8090 -d $INPUT_DEV -j ACCEPT
$IPTABLES -I FORWARD -p tcp --sport 8090 -s $INPUT_DEV -j ACCEPT
$IPTABLES -t nat -A PREROUTING -p tcp -d $IPNET --dport 8090 -j DNAT --to $MAQWEB
$IPTABLES -t nat -A POSTROUTING -p tcp -d $MAQWEB --dport 8090 -j SNAT --to $IPNET
#
$IPTABLES -A INPUT -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT
$IPTABLES -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT
$IPTABLES -A INPUT -p tcp --syn -m limit --limit 1/s -j ACCEPT
$IPTABLES -A FORWARD -p tcp --syn -m limit --limit 1/s -j ACCEPT
$IPTABLES -A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
$IPTABLES -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
$IPTABLES -t filter -A INPUT -j ACCEPT -i lo
$IPTABLES -t filter -A FORWARD -j ACCEPT -m state --state ESTABLISHED,RELATED
$IPTABLES -t filter -A INPUT -j ACCEPT -m state --state ESTABLISHED,RELATED
$IPTABLES -A FORWARD -i $EXIT_DEV -o $INPUT_DEV -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPTABLES -A FORWARD -i $INPUT_DEV -o $EXIT_DEV -j ACCEPT
$IPTABLES -A FORWARD -j LOG
#
$IPTABLES -t nat -A POSTROUTING -o $EXIT_DEV -j MASQUERADE
$IPTABLES -t nat -A POSTROUTING -s 0.0.0.0/0 -o $EXIT_DEV -j MASQUERADE
#
$IPTABLES -A INPUT -i $EXIT_DEV -m state --state NEW,INVALID -j DROP
$IPTABLES -A FORWARD -i $EXIT_DEV -m state --state NEW,INVALID -j DROP
$IPTABLES -L -v -n
help..please
tks
Você está conseguindo fazer nat normalmente?
Para fazer mascaramento você precisa carregar o modulo de Nat
#modprobe iptable_nat
Talvez funcione
Abraços
o nat ta funcionando normal....
o que não consigo e liberar a porta 8089 pro apache
tks
pelo que lih ali em cima o pessoal de fora soh consegue acessar o speedy cum o ip:porta naum eh?
1° pergunta: se teim rodandu um server dns?
2° pergunta: se abriu a porta 53 do bind?
3° pergunta: na tu lan as outras estações estaum conseguindo acessar o apache pelo ip do server e porta?
bom pode ser besteira essas perguntas mais pode esclarecer algumas coisas!! :D