I have not read all the configs you sent yet, but a few things:
you might want to blank out your public address when sending configs to mailing
lists
can you give the output of this
for i in raw mangle filter nat
do echo -e "\n\n$i:"; iptables -t $i -nvL
done
this will show the config for all the tables and in a little more detail
also your firewall appears to be mis configured
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
this will accept ALL incoming connections
Frank Razenberg wrote:
> Hi Ajitabh,
>
> I attached the information you asked. Apologies for the mail I just sent
> to your address instead of to the mailing list.
>
> Frank
>
>
> Ajitabh Pandey wrote:
>> Hi Frank,
>>
>> 2009/1/21 Frank Razenberg <frank@zzattack.org
>> <mailto:frank@zzattack.org>>
>> [snipped....]
>>
>> Some details that might help identify my problem:
>> - I set ipmasq to start after services have been started using
>> dpkg-reconfigure
>> - in /etc/network/interfaces, for eth0 I execute a script after
>> eth0 is brought up. This script initializes iptables rules and ip
>> masquerading.
>> - I use dnsmasq as DHCP and DNS server.
>> - The eth0 interface gets it's IP from a DHCP server by my ISP,
>> eth1 has a static ip.
>>
>>
>> To start with, it will be helpful if you could send the following:
>>
>> (1.) The iptables rule-set
>> (2.) Output of ifconfig
>> (3.) Output of route -n
>> (4.) Contents of /etc/hosts and /etc/resolv.conf
>> (5.) DNSMASQ configuration file.
>>
>> Regards.
>> -- Ajitabh Pandey
>> http://www.ajitabhpandey.info/ | http://www.unixclinic.net/
>> ICQ - 150615062
>> Registered Linux User - 240748
>
--
Mark Chong
System Administrator
Quick Knowledge
p: 03 9804 2130
f: 1800 657 778
mail: mchong@qk.com.au
web: www.qk.com.au
--
To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
No comments:
Post a Comment