D&C Lug - Home Page
Devon & Cornwall Linux Users' Group

[ Date Index ][ Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]

[LUG] IPChains/Routing



I've got an IPCop Internet gateway which appears to be configured to
route packets only for the network the green interface is on (10.0.0.0).
I need it to also route packets from the 10.0.1.0 network on the same
interface, to which it has a static route.

I'm presuming this is a job for IPChains? I've read the howto but it
wasn't making much sense to me....
IPChains is currently configured as follows:

root@xxxxx:/ # ipchains -L
Chain input (policy REJECT):
target     prot opt     source                destination           ports
ipac_bth   all  ------  anywhere             anywhere              n/a
ipac_in    all  ------  anywhere             anywhere              n/a
squid      all  ------  anywhere             anywhere              n/a
ACCEPT     all  ------  anywhere             anywhere              n/a
ACCEPT     all  ------  anywhere             anywhere              n/a
secin      all  ------  anywhere             anywhere              n/a
block      all  ------  anywhere             anywhere              n/a
-          all  ----l-  anywhere             anywhere              n/a
Chain forward (policy REJECT):
target     prot opt     source                destination           ports
secout     all  ------  anywhere             anywhere              n/a
MASQ       all  ------  10.0.0.0/24          anywhere              n/a
MASQ       all  ------  10.0.0.0/24          anywhere              n/a
MASQ       all  ------  10.0.0.0/24          anywhere              n/a
dmzholes   all  ------  anywhere             anywhere              n/a
ACCEPT     all  ------  anywhere             10.0.0.0/24           n/a
-          all  ----l-  anywhere             anywhere              n/a
Chain output (policy ACCEPT):
target     prot opt     source                destination           ports
ipac_bth   all  ------  anywhere             anywhere              n/a
ipac_out   all  ------  anywhere             anywhere              n/a
Chain squid (1 references):
Chain secin (1 references):
target     prot opt     source                destination           ports
ACCEPT     all  ------  anywhere             anywhere              n/a
Chain secout (1 references):
target     prot opt     source                destination           ports
ACCEPT     all  ------  anywhere             anywhere              n/a
Chain block (1 references):
target     prot opt     source                destination           ports
ACCEPT     tcp  ------  anywhere             anywhere              any
->   1024:65535
ACCEPT     udp  ------  anywhere             anywhere              any
->   1024:65535
ACCEPT     tcp  ------  anywhere             anywhere              any
->   1024:65535
ACCEPT     udp  ------  anywhere             anywhere              any
->   1024:65535
ACCEPT     tcp  ------  anywhere             192.168.0.0/24        any
->   1024:65535
ACCEPT     udp  ------  anywhere             192.168.0.0/24        any
->   1024:65535
xtaccess   all  ------  anywhere             anywhere              n/a
ACCEPT     udp  ------  anywhere             anywhere              any
->   isakmp
ACCEPT     gre  ------  anywhere             anywhere              n/a
ACCEPT     ipv6-crypt------  anywhere             anywhere              n/a
ACCEPT     ipv6-auth------  anywhere             anywhere              n/a
ACCEPT     udp  ------  anywhere             anywhere              any
->   isakmp
ACCEPT     gre  ------  anywhere             anywhere              n/a
ACCEPT     ipv6-crypt------  anywhere             anywhere              n/a
ACCEPT     ipv6-auth------  anywhere             anywhere              n/a
ACCEPT     udp  ------  anywhere             192.168.0.0/24        any
->   isakmp
ACCEPT     gre  ------  anywhere             192.168.0.0/24        n/a
ACCEPT     ipv6-crypt------  anywhere             192.168.0.0/24        n/a
ACCEPT     ipv6-auth------  anywhere             192.168.0.0/24        n/a
ACCEPT     icmp ------  anywhere             anywhere              any
->   any
ACCEPT     icmp ------  anywhere             anywhere              any
->   any
ACCEPT     icmp ------  anywhere             192.168.0.0/24        any
->   any
Chain xtaccess (1 references):
target     prot opt     source                destination           ports
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   auth
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   auth
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   auth
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   http
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   http
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   http
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   smtp
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   smtp
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   smtp
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   1503
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   1503
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   1503
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   h323hostcall
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   h323hostcall
ACCEPT     tcp  ------  anywhere             192.168.0.2           any
->   h323hostcall
Chain dmzholes (1 references):
Chain ipac_in (1 references):
target     prot opt     source                destination           ports
-          all  ------  anywhere             anywhere              n/a
-          all  ------  anywhere             anywhere              n/a
Chain ipac_out (1 references):
target     prot opt     source                destination           ports
-          all  ------  anywhere             anywhere              n/a
-          all  ------  anywhere             anywhere              n/a
Chain ipac_bth (2 references):


David.


-- 
Running Windows on a Pentium is like having a brand new Porsche but only being able to drive backwards with the handbrake on.



--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.


Lynx friendly