From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on sa.int.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=3.2.3 X-Virus-Scanned: amavisd-new at localhost From: Starodumoff Ilya To: community@lists.altlinux.org Date: Sat, 19 Apr 2008 21:01:34 +0600 User-Agent: KMail/1.9.9 References: <8cb899cc0804130754u7d621b3cged692c73780f93a1@mail.gmail.com> <200804191439.09461.ripper.mail@gmail.com> <8cb899cc0804190313m4ab49dc4i23745f8bd0665f5a@mail.gmail.com> In-Reply-To: <8cb899cc0804190313m4ab49dc4i23745f8bd0665f5a@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Message-Id: <200804192101.34071.ripper.mail@gmail.com> Subject: Re: [Comm] =?utf-8?b?0J3QtSDQvtGC0LrRgNGL0LLQsNGO0YLRgdGPINC90LXQutC+?= =?utf-8?b?0YLQvtGA0YvQtSDRgdCw0LnRgtGLLg==?= X-BeenThere: community@lists.altlinux.org X-Mailman-Version: 2.1.10b3 Precedence: list Reply-To: ALT Linux Community general discussions List-Id: ALT Linux Community general discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Apr 2008 15:01:41 -0000 Archived-At: List-Archive: List-Post: =D0=92 =D1=81=D0=BE=D0=BE=D0=B1=D1=89=D0=B5=D0=BD=D0=B8=D0=B8 =D0=BE=D1=82 = 19 =D0=B0=D0=BF=D1=80=D0=B5=D0=BB=D1=8F 2008 Denis A. Lopin =D0=BD=D0=B0=D0= =BF=D0=B8=D1=81=D0=B0=D0=BB(a): > 1: lo: mtu 16436 qdisc noqueue > link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 > 2: eth2: mtu 1500 qdisc pfifo_fast qlen > 1000 > link/ether 00:19:5b:8a:f8:bf brd ff:ff:ff:ff:ff:ff > 3: eth0: mtu 1500 qdisc pfifo_fast qlen > 1000 > link/ether 00:19:5b:82:ae:09 brd ff:ff:ff:ff:ff:ff > 4: ppp0: mtu 1492 qdisc > pfifo_fast qlen 3 > link/ppp > > pkts bytes target prot opt in out source > destination > 2475 439K ACCEPT 0 -- * * 0.0.0.0/0 > 0.0.0.0/0 state RELATED,ESTABLISHED > 62 2988 ACCEPT 0 -- * * 192.168.2.0/24 > 0.0.0.0/0 > 0 0 ACCEPT udp -- * * 192.168.2.0/24 > 0.0.0.0/0 udp dpt:53 > 0 0 DROP 0 -- * * 0.0.0.0/0 > 0.0.0.0/0 > > pkts bytes target prot opt in out source > destination > 57 2740 SNAT 0 -- * ppp0 192.168.2.0/24 > 0.0.0.0/0 to:12.345.678.901 > > Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) > pkts bytes target prot opt in out source > destination iptables -F FORWARD iptables -A FORWARD -m state --state INVALID -j DROP iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -i _=D0=B8=D0=BD=D1=82=D0=B5=D1=80=D1=84=D0=B5=D0=B9=D1= =81_=D0=B2_=D0=BB=D0=BE=D0=BA=D0=B0=D0=BB=D0=BA=D1=83_ -j ACCEPT iptables -t mangle -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j \=20 TCPMSS --clamp-mss-to-pmtu =D1=82=D0=B0=D0=BA, =D0=B5=D1=81=D0=B5=D1=81=D1=81=D0=BD=D0=BE, =D1=80=D0= =B0=D0=B7=D1=80=D0=B5=D1=88=D0=B5=D0=BD=D0=BE =D0=BA =D1=84=D0=BE=D1=80=D0= =B2=D0=B0=D1=80=D0=B4=D0=B8=D0=BD=D0=B3=D1=83 =D0=B8=D0=B7 =D0=BB=D0=BE=D0= =BA=D0=B0=D0=BB=D0=BA=D0=B8 =D0=B2=D1=81=D0=B5... =2D-=20 =D0=A1 =D1=83=D0=B2=D0=B0=D0=B6=D0=B5=D0=BD=D0=B8=D0=B5=D0=BC, =D0=A1=D1=82=D0=B0=D1=80=D0=BE=D0=B4=D1=83=D0=BC=D0=BE=D0=B2 =D0=98=D0=BB= =D1=8C=D1=8F