iptables a remote desktop

Úterý Duben 5 10:45:54 CEST 2005

On Tue, Apr 05, 2005 at 10:15:26AM +0200, Bobby Gontarski wrote:
> Potrebuji se pres internet pripojit ke vzdalene plose (remote desktop) na pocitaci s win XP, ktery je za linuxovym iptables firewallem.
> Do iptables jsem dal nasledujici pravidla:
> 
> iptables -A FORWARD -i eth1 -o eth0 -p tcp --dport 3389 -d 192.168.1.251 -j ACCEPT
> 
> iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 3389 -j DNAT --to 192.168.1.251:3389
Formalne je to spravne, otazka je, co je eth0/eth1 a ci je to spravny port a
IP.

tcpdump je tvoj priatel :-)

> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
Toto znamena, ze zatial nic neforwardoval, co je divne.

> pkts bytes target prot opt in out source destination 
> 0 0 ACCEPT tcp -- eth1 eth0 0.0.0.0/0 192.168.1.251 tcp dpt:3389 
tie 2 nuly znamenaju za ziadne pakety nepresli

> Chain PREROUTING (policy ACCEPT 4 packets, 634 bytes)
> pkts bytes target prot opt in out source destination 
> 0 0 DNAT tcp -- eth1 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3389 to:192.168.1.251:3389 
Tuna tiez.

S pozdravom,

Peter Surda (Shurdeek) <shurdeek na routehat.org>, ICQ 10236103, +436505122023

-- 
                           Reboot America.