OpenVPN - routing
Jiří Retzer
jiri.retzer na schenker.cz
Čtvrtek Prosinec 16 10:50:00 CET 2004
Iptables:
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
8 736 RH-Firewall-1-INPUT all -- any any anywhere
anywhere
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
0 0 RH-Firewall-1-INPUT all -- any any anywhere
anywhere
Chain OUTPUT (policy ACCEPT 11 packets, 780 bytes)
pkts bytes target prot opt in out source
destination
Chain RH-Firewall-1-INPUT (2 references)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT all -- lo any anywhere anywhere
8 736 ACCEPT all -- eth1 any anywhere anywhere
0 0 ACCEPT all -- eth0 any anywhere anywhere
0 0 ACCEPT icmp -- any any anywhere anywhere
icmp any
0 0 ACCEPT ipv6-crypt-- any any anywhere
anywhere
0 0 ACCEPT ipv6-auth-- any any anywhere
anywhere
0 0 ACCEPT all -- any any anywhere anywhere
state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- any any anywhere anywhere
state NEW tcp dpt:5001
0 0 ACCEPT udp -- any any anywhere anywhere
state NEW udp dpt:5001
0 0 ACCEPT udp -- any any anywhere anywhere
state NEW udp dpt:5000
0 0 ACCEPT udp -- any any anywhere anywhere
state NEW udp dpt:1149
0 0 ACCEPT tcp -- any any anywhere anywhere
state NEW tcp dpt:ssh
0 0 REJECT all -- any any anywhere anywhere
reject-with icmp-host-prohibited
-----Original Message-----
From: Pavel Lisy [mailto:pali na tmapy.cz]
Sent: Thursday, December 16, 2004 10:16 AM
To: Konference: Linux
Subject: RE: OpenVPN - routing
Jiří Retzer píše v St 15. 12. 2004 v 15:45 +0100:
> jeste jsem zjistil, ze jestlize dam na serveru ping pres rozhrani
> 10.0.0.1 do vnitrni LAN (10.207.) tak to nepinga. To by mohl byt ten
problem, ne?
V tom pripade to mate asi zakazane v FW pravidlech primo na serveru. Co pise
iptables -L -v
--
Pavel Lisy <pali na tmapy.cz>
T-MAPY spol. s r.o.
Další informace o konferenci Linux