From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <djbouley@shaw.ca>
Date: Tue, 08 Apr 2003 06:52:26 -0600
From: djbouley <djbouley@shaw.ca>
To: Community-en@altlinux.org
Message-id: <200304080652.26945.djbouley@shaw.ca>
MIME-version: 1.0
Content-type: multipart/mixed; boundary="Boundary_(ID_pbCXQ8Zd2cW8bzYCSLOUXA)"
User-Agent: KMail/1.5
Subject: [Comm-en] setting up iptables
Sender: community-en-admin@altlinux.org
Errors-To: community-en-admin@altlinux.org
X-BeenThere: community-en@altlinux.org
X-Mailman-Version: 2.0.9
Precedence: bulk
Reply-To: community-en@altlinux.org
List-Unsubscribe: <http://www.altlinux.org/mailman/listinfo/community-en>,
	<mailto:community-en-request@altlinux.org?subject=unsubscribe>
List-Id: <community-en.altlinux.org>
List-Post: <mailto:community-en@altlinux.org>
List-Help: <mailto:community-en-request@altlinux.org?subject=help>
List-Subscribe: <http://www.altlinux.org/mailman/listinfo/community-en>,
	<mailto:community-en-request@altlinux.org?subject=subscribe>
List-Archive: <http://www.altlinux.org/pipermail/community-en/>
Archived-At: <http://lore.altlinux.org/community-en/200304080652.26945.djbouley@shaw.ca/>
List-Archive: <http://lore.altlinux.org/community-en/>
List-Post: <mailto:community-en@lists.altlinux.org>

--Boundary_(ID_pbCXQ8Zd2cW8bzYCSLOUXA)
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 7BIT
Content-disposition: inline


    "iptabes": was it copied over or typed in by hand? (so is it a
    typo somewhere in the package or not)

I typed it in by hand.  Of course it is entirely possible that there's an 
error in it that I'm just not seeing.

    OTOH /usr/lib/iptables/libipt_tcprules.so is not present on my
    system; need to look at iptables config file.

I cannot find it on my system either.

    > Try 'iptables-restore -h' or 'iptables-restore --help' for more 
    information 
    > [FAILED]
    > ===================================================

    Umm... could you run "rpm -V iptables" and quote the output?
    (should be something like this:
    ..?..... c /etc/sysconfig/iptables
    ..?..... c /etc/sysconfig/iptables_modules
    )

Running rpm -V iptables produced this:
SM5....T c /etc/sysconfig/iptables
..?..... c /etc/sysconfig/iptables_modules

    > I double checked the previous files I created and they're okay.

    Attaching /etc/sysconfig/iptables could help too.

    > Any suggestions?  I'm almost there... I can 'feel' it!  :o)

Here's the contents of /etc/sysconfig/iptables:


--Boundary_(ID_pbCXQ8Zd2cW8bzYCSLOUXA)
Content-type: text/plain; charset=us-ascii; name=tcpout.txt
Content-transfer-encoding: 7BIT
Content-disposition: attachment; filename=tcpout.txt

*filter
-A INPUT -j tcprules
-A FORWARD -j tcprules
-A tcprules -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A tcprules -i ! eth1 -m state --state NEW -j ACCEPT
-A tcprules -i eth1 -m state --state INVALID,NEW -j DROP
-A tcprules -i eth1 -j REJECT --reject-with icmp-host-unreachable
COMMIT
*nat
-A POSTROUTING -s 192.168.0.0/24 -o eth1 -j MASQUERADE
COMMIT

--Boundary_(ID_pbCXQ8Zd2cW8bzYCSLOUXA)--