02/06/03 13:20 z8IONuWA
DNS/NTPサーバ設定あれこれ直したりしてたけど
>>193
で解消 thx
# Generated by iptables-save v1.2.6a on Mon Jun 3 12:38:22 2002
*filter
:INPUT DROP [446:41510]
:FORWARD DROP [10:432]
:OUTPUT DROP [604:49984]
-A INPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
-A INPUT -s 192.168.2.6 -i eth1 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.2.6 -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -i eth1 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 123 -j ACCEPT
-A INPUT -i eth1 -p udp -m udp --dport 123 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --sport 53 -j ACCEPT
-A FORWARD -d 192.168.2.0/255.255.255.0 -j ACCEPT
-A FORWARD -s 192.168.2.0/255.255.255.0 -j ACCEPT
-A FORWARD -d 192.168.3.2 -p tcp -m tcp --dport 80 -j ACCEPT
-A FORWARD -s 192.168.3.2 -p tcp -m tcp --sport 80 ! --tcp-flags SYN,RST,ACK SYN -m state --state ESTABLISHED -j ACCEPT
-A OUTPUT -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT
-A OUTPUT -d 192.168.2.6 -o eth1 -p tcp -m tcp --sport 22 ! --tcp-flags SYN,RST,ACK SYN -j ACCEPT
-A OUTPUT -d 192.168.2.6 -p icmp -m icmp --icmp-type 0 -j ACCEPT
-A OUTPUT -o eth1 -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 123 -j ACCEPT
-A OUTPUT -o eth1 -p udp -m udp --sport 123 -j ACCEPT
-A OUTPUT -o eth0 -p udp -m udp --dport 53 -j ACCEPT
COMMIT
# Completed on Mon Jun 3 12:38:22 2002
# Generated by iptables-save v1.2.6a on Mon Jun 3 12:38:22 2002
*nat
:PREROUTING ACCEPT [1251:92645]
:POSTROUTING ACCEPT [105:6734]
:OUTPUT ACCEPT [960:65072]
-A PREROUTING -d 192.168.1.100 -i eth0 -j DNAT --to-destination 192.168.3.2
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Mon Jun 3 12:38:22 2002