iptables släpper inte igenom dns
Vad har jag gjort fel?
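# INPUT-chain rules for a NAT router: eth0 is the trusted LAN side, eth1 is
# the outward-facing side (it is the MASQUERADE output interface).
#
# iptables evaluates a chain top to bottom and stops at the first rule whose
# target is ACCEPT, REJECT or DROP, so the order of the -A lines below matters.

# First we flush our current rules.
# NOTE(review): -F removes rules only; chain policies (-P) and user-defined
# chains are left as they were. If the INPUT policy is DROP, replies to the
# router's own outbound DNS queries also need a connection-tracking
# ESTABLISHED,RELATED accept rule, which this script does not add - confirm.
iptables -F
iptables -t nat -F

# Trust loopback and the LAN interface completely. Both are inserted at
# position 1, so "lo" ends up first and "eth0" second.
iptables -I INPUT 1 -i eth0 -j ACCEPT
iptables -I INPUT 1 -i lo -j ACCEPT

# DNS on eth1. These two rules must come BEFORE the "domain" REJECT below:
# that rule matches UDP/53 on every interface except eth0, which includes
# eth1, so with the ACCEPT appended after it the UDP rule was never reached
# and DNS over UDP was always rejected.
# NOTE(review): this exposes the local resolver on the outward-facing
# interface. If it answers recursive queries, restrict recursion to LAN
# clients in the resolver's own configuration; an open recursive resolver on
# a public address is routinely abused for traffic amplification.
iptables -A INPUT -p TCP --dport 53 -i eth1 -j ACCEPT
iptables -A INPUT -p UDP --dport 53 -i eth1 -j ACCEPT

# Then we lock our services so they only work from the LAN:
# DHCP (bootps) and any remaining DNS traffic are refused on every interface
# other than eth0. "! -i eth0" replaces the deprecated "-i ! eth0" spelling,
# which newer iptables releases warn about or refuse.
iptables -A INPUT -p UDP --dport bootps ! -i eth0 -j REJECT
iptables -A INPUT -p UDP --dport domain ! -i eth0 -j REJECT

# ssh, www, ftp, bnc, ventrilo - services reachable from eth1.
# NOTE(review): Ventrilo's default port is 3784; 3874 below may be a
# transposed digit - confirm. The purpose of port 136 is not stated.
iptables -A INPUT -p TCP --dport ssh -i eth1 -j ACCEPT
iptables -A INPUT -p TCP --dport 80 -i eth1 -j ACCEPT
iptables -A INPUT -p TCP --dport 21 -i eth1 -j ACCEPT
iptables -A INPUT -p TCP --dport 1337 -i eth1 -j ACCEPT
iptables -A INPUT -p TCP --dport 3874 -i eth1 -j ACCEPT
iptables -A INPUT -p TCP --dport 136 -i eth1 -j ACCEPT
iptables -A INPUT -p UDP --dport 136 -i eth1 -j ACCEPT

# Drop TCP / UDP packets to privileged ports that were not accepted above
# (anything arriving on an interface other than eth0).
iptables -A INPUT -p TCP ! -i eth0 -d 0/0 --dport 0:1023 -j DROP
iptables -A INPUT -p UDP ! -i eth0 -d 0/0 --dport 0:1023 -j DROP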
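# Finally we add the rules for NAT.
# The DROP is inserted at the head of FORWARD: traffic entering on the LAN
# interface that is addressed to the LAN range itself is never routed.
iptables -I FORWARD -i eth0 -d 192.168.0.0/255.255.0.0 -j DROP
# LAN hosts may be forwarded outward.
iptables -A FORWARD -i eth0 -s 192.168.0.0/255.255.0.0 -j ACCEPT
# NOTE(review): this accepts ANY packet arriving on eth1 that is addressed to
# 192.168.0.0/16, not only replies and the DNAT'ed ports below. Matching on
# connection state (ESTABLISHED,RELATED) plus explicit rules for the forwarded
# ports would be tighter - confirm whether the broad accept is intended.
iptables -A FORWARD -i eth1 -d 192.168.0.0/255.255.0.0 -j ACCEPT
# Rewrite the source address of everything leaving via eth1.
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

# Tell the kernel that ip forwarding is OK
echo 1 > /proc/sys/net/ipv4/ip_forward
# Enable reverse-path filtering on every interface entry under conf/.
# "$f" is quoted so the redirection target is always a single word.
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
  echo 1 > "$f"
done

# Warcraft3: forward TCP 6112 and 6113-6119 arriving on eth1 to the LAN host
# 192.168.0.11.
iptables -t nat -A PREROUTING -p tcp --dport 6112 -i eth1 -j DNAT --to 192.168.0.11
iptables -t nat -A PREROUTING -p tcp --dport 6113:6119 -i eth1 -j DNAT --to 192.168.0.11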