change from eth0 ---- router interface , to ppp0 --- ethernet modem interface

Email lists > Netfilter iptables discussion and user questions

Thread: change from eth0 ---- router interface , to ppp0 --- ethernet modem interface

Search this list only Search all lists
change from eth0 ---- router interface , to ppp0 --- ethernet modem interface
	2007-08-14 15:32:39
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I finally changed device to connect to internet on my gateway linux box , from a netgear router to an ethernet modem device. Offcourse occourred some changes in my iptables script , what before was 192.168.0.2 ip for eth0 and 192.168.0.1 for my front router now has a eth0 with no ip and a ethernet router with my dynamic isp ip i grab with this script : > EXTIF=ppp0 > EXTIP="`ifconfig $EXTIF \| grep inet \| cut -d : -f 2 \| cut -d -f 1`" - ------- behind my gateway linuxbox (Debian etch) i have two more servers a mail server and a web ftp server .Mail is working great with this iptables: > ARGO="`ifconfig ppp0 \| grep inet \| cut -d : -f 2 \| cut -d -f 1`" > $IPT -t nat -A PREROUTING -p tcp -i $IF0 -d $ARGO --dport 25 -j DNAT --to $MAIL:25 > $IPT -A FORWARD -i $IF0 -o $IF1 -p tcp --dport 25 -d $MAIL -j ACCEPT I have problems with http e https where i'm using this code: > IF0=ppp0 > IF1=eth1 > $IPT -t nat -A PREROUTING -p tcp -i $IF0 -d $ARGO --dport 80 -j DNAT --to $WWW:80 > $IPT -t nat -A PREROUTING -p tcp -i $IF0 -d $ARGO --dport 443 -j DNAT --to $WWW:443 > $IPT -A FORWARD -i $IF0 -o $IF1 -p tcp --dport 80 -d $WWW -j ACCEPT > $IPT -A FORWARD -i $IF0 -o $IF1 -p tcp --dport 443 -d $WWW -j ACCEPT I'm using apache2 with mod_rewrite rewriting connecions from port 80 to 443. What's wrong with my configuration ? I will try to remove that -d $ARGO like this: >$IPT -t nat -A PREROUTING -p tcp -i $IF0 --dport 80 -j DNAT --to $WWW:80 >$IPT -t nat -A PREROUTING -p tcp -i $IF0 --dport 443 -j DNAT --to $WWW:443 And invite you to give it a try http://www.gabrix.ath.cx let's see how it goes. Thanks for the attenction ! gabriele -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGwhFnaSnKyogvewwRAhpMAKCsepaqX5XZZpuY7/Zg+cmNwNdtcACf SAyC vLmZeFzdXaXnqio8fXXTouo= =UdWg -----END PGP SIGNATURE-----

Re: change from eth0 ---- router interface , to ppp0 --- ethernet modem interface
United States	2007-08-15 09:58:22
On 08/14/07 15:32, gabrix wrote: > ARGO="`ifconfig ppp0 \| grep inet \| cut -d : -f 2 \| cut -d -f 1`" > $IPT -t nat -A PREROUTING -p tcp -i $IF0 -d $ARGO --dport 25 -j DNAT > --to $MAIL:25 > $IPT -A FORWARD -i $IF0 -o $IF1 -p tcp --dport 25 -d $MAIL -j ACCEPT > > I have problems with http e https where i'm using this code: > > IF0=ppp0 > IF1=eth1 > $IPT -t nat -A PREROUTING -p tcp -i $IF0 -d $ARGO --dport 80 -j DNAT > --to $WWW:80 > $IPT -t nat -A PREROUTING -p tcp -i $IF0 -d $ARGO --dport 443 -j DNAT > --to $WWW:443 > $IPT -A FORWARD -i $IF0 -o $IF1 -p tcp --dport 80 -d $WWW -j ACCEPT > $IPT -A FORWARD -i $IF0 -o $IF1 -p tcp --dport 443 -d $WWW -j ACCEPT I do not see any thing wrong with the IPTables rules that you have presented. However apparently something else is preventing things from working correctly. > I'm using apache2 with mod_rewrite rewriting connecions from port 80 > to 443. What's wrong with my configuration ? I will try to remove > that -d $ARGO like this: I am curious if you see any traffic comming in to your web server at all, be it via netstat, TCPDump, logs, etc. I also wonder what else may be in your IPTables rules that is not presented that may be causing problems. Can / will you do an iptables-save and show us the output of your entire IPTables configuration? > And invite you to give it a try http://www.gabrix.ath.cx let's see > how it goes. > > Thanks for the attenction ! nod Grant. . . .

[1-2]

about | contact Other archives ( Real Estate discussion Medical topics )

Mailing lists

ARCHIVES