[linux] Re: ppp vraag voor palm

Hans Paijmans j.j.paijmans op uvt.nl
Zo mei 27 19:19:26 CEST 2007 

Rob Sterenborg wrote:
> [...]
> 
>>>> En iptables?
>> als ik de firewall uit zet doet hij het ook niet.
> 
> Die moet juist "aan" (afhankelijk van wat je rules zijn)..
> Daarmee kan je aangeven dat de Palm via NAT naar het internet moet.
> 
> Wat zegt:
> 
> # iptables -nvL
> 
> # iptables -t nat -nvL

Chain PREROUTING (policy ACCEPT 344 packets, 40232 bytes)
 pkts bytes target     prot opt in     out     source
destination

Chain POSTROUTING (policy ACCEPT 28747 packets, 1656K bytes)
 pkts bytes target     prot opt in     out     source
destination

Chain OUTPUT (policy ACCEPT 28747 packets, 1656K bytes)
 pkts bytes target     prot opt in     out     source
destination

> # iptables -nvL
---------------------------
Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination
 6136  555K ACCEPT     all  --  lo     *       0.0.0.0/0
0.0.0.0/0
88231   61M ACCEPT     all  --  *      *       0.0.0.0/0
0.0.0.0/0           state RELATED,ESTABLISHED
  139 12230 input_ext  all  --  eth0   *       0.0.0.0/0
0.0.0.0/0
   24  4254 input_ext  all  --  *      *       0.0.0.0/0
0.0.0.0/0
    0     0 LOG        all  --  *      *       0.0.0.0/0
0.0.0.0/0           limit: avg 3/min burst 5 LOG flags 6 level 4 prefix
`SFW2-IN-ILL-TARGET '
    0     0 DROP       all  --  *      *       0.0.0.0/0
0.0.0.0/0

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination
    0     0 LOG        all  --  *      *       0.0.0.0/0
0.0.0.0/0           limit: avg 3/min burst 5 LOG flags 6 level 4 prefix
`SFW2-FWD-ILL-ROUTING '

Chain OUTPUT (policy ACCEPT 163 packets, 33099 bytes)
 pkts bytes target     prot opt in     out     source
destination
 6136  555K ACCEPT     all  --  *      lo      0.0.0.0/0
0.0.0.0/0
 114K   35M ACCEPT     all  --  *      *       0.0.0.0/0
0.0.0.0/0           state NEW,RELATED,ESTABLISHED
  109 22052 LOG        all  --  *      *       0.0.0.0/0
0.0.0.0/0           limit: avg 3/min burst 5 LOG flags 6 level 4 prefix
`SFW2-OUT-ERROR '

Chain forward_ext (0 references)
 pkts bytes target     prot opt in     out     source
destination

Chain input_ext (2 references)
 pkts bytes target     prot opt in     out     source
destination
   42  5642 DROP       all  --  *      *       0.0.0.0/0
0.0.0.0/0           PKTTYPE = broadcast
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0
0.0.0.0/0           icmp type 4
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0
0.0.0.0/0           icmp type 8
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0
0.0.0.0/0           state RELATED,ESTABLISHED icmp type 0
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0
0.0.0.0/0           state RELATED,ESTABLISHED icmp type 3
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0
0.0.0.0/0           state RELATED,ESTABLISHED icmp type 11
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0
0.0.0.0/0           state RELATED,ESTABLISHED icmp type 12
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0
0.0.0.0/0           state RELATED,ESTABLISHED icmp type 14
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0
0.0.0.0/0           state RELATED,ESTABLISHED icmp type 18
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0
0.0.0.0/0           state RELATED,ESTABLISHED icmp type 3 code 2
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0
0.0.0.0/0           state RELATED,ESTABLISHED icmp type 5
    0     0 LOG        tcp  --  *      *       0.0.0.0/0
0.0.0.0/0           limit: avg 3/min burst 5 tcp dpt:80 flags:0x17/0x02
LOG flags 6 level 4 prefix `SFW2-INext-ACC-TCP '
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0
0.0.0.0/0           tcp dpt:80
    0     0 LOG        tcp  --  *      *       0.0.0.0/0
0.0.0.0/0           limit: avg 3/min burst 5 tcp dpt:22 flags:0x17/0x02
LOG flags 6 level 4 prefix `SFW2-INext-ACC-TCP '
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0
0.0.0.0/0           tcp dpt:22
    0     0 reject_func  tcp  --  *      *       0.0.0.0/0
0.0.0.0/0           tcp dpt:113 state NEW
    0     0 LOG        all  --  *      *       0.0.0.0/0
0.0.0.0/0           limit: avg 3/min burst 5 PKTTYPE = multicast LOG
flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT '
    0     0 DROP       all  --  *      *       0.0.0.0/0
0.0.0.0/0           PKTTYPE = multicast
    0     0 LOG        tcp  --  *      *       0.0.0.0/0
0.0.0.0/0           limit: avg 3/min burst 5 tcp flags:0x17/0x02 LOG
flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT '
    7   392 LOG        icmp --  *      *       0.0.0.0/0
0.0.0.0/0           limit: avg 3/min burst 5 LOG flags 6 level 4 prefix
`SFW2-INext-DROP-DEFLT '
   27  5386 LOG        udp  --  *      *       0.0.0.0/0
0.0.0.0/0           limit: avg 3/min burst 5 LOG flags 6 level 4 prefix
`SFW2-INext-DROP-DEFLT '
   37  2285 LOG        all  --  *      *       0.0.0.0/0
0.0.0.0/0           limit: avg 3/min burst 5 state INVALID LOG flags 6
level 4 prefix `SFW2-INext-DROP-DEFLT-INV '
  121 10842 DROP       all  --  *      *       0.0.0.0/0
0.0.0.0/0

Chain reject_func (1 references)
 pkts bytes target     prot opt in     out     source
destination
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0
0.0.0.0/0           reject-with tcp-reset
    0     0 REJECT     udp  --  *      *       0.0.0.0/0
0.0.0.0/0           reject-with icmp-port-unreachable
    0     0 REJECT     all  --  *      *       0.0.0.0/0
0.0.0.0/0           reject-with icmp-proto-unreachable




> 
> Groet,
> Rob
> 
> 
> 


-- 
Dr. J.J. Paijmans
Tilburg University: Dept. of Linguistics & AI                013-4662693
Rijksdienst voor Archeologie, Cultuurlandschap en Monumenten 033-4227591
Maastricht University: IKAT, Faculty of General Sciences     043-3883477
Thuis: Kleine St.Jansstraat 3, 3811 HV  Amersfoort           033-4722579
http://paai.uvt.nl     http://paijmans.net          GSM: +31 621 961 083

More information about the Linux mailing list