Wget funkar ej!
Jag får inte wget och funka riktigt.
root@server:/etc/rc.d# wget http://www.glftpd.org/download/glftpd-LNX_1.26beta2.tgz
--00:47:33-- http://www.glftpd.org/download/glftpd-LNX_1.26beta2.tgz
=> `glftpd-LNX_1.26beta2.tgz'
Resolving www.glftpd.org... done.
Connecting to www.glftpd.org[69.56.172.194]:80...
har testat allt möjligt att ladda hem men funkar ej...
Jag tror de är nå galet med iptables reglerna ta en titt om du ser nå galet:
!/bin/bash
INET_IF="eth0"
LAN_IF="eth1"
LAN2_IF="eth2"
case "$1" in
stop)
iptables --flush
iptables -t nat --flush
iptables -t mangle --flush
iptables --delete-chain
iptables -t nat --delete-chain
iptables -t mangle --delete-chain
iptables --policy INPUT ACCEPT
iptables --policy OUTPUT ACCEPT
# internetdelning aiight
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE
;;
start)
iptables -F
iptables -t nat --flush
iptables -t mangle --flush
iptables --delete-chain
iptables -t nat --delete-chain
iptables -t mangle --delete-chain
iptables -N logdrop
iptables -A logdrop -j LOG
iptables -A logdrop -j DROP
# Släppa in ICMP
#iptables -A INPUT -p icmp -j ACCEPT
#iptables -A OUTPUT -p icmp -j ACCEPT
#iptables -A INPUT -p icmp --icmp-type 0 -j ACCEPT
#iptables -A INPUT -p icmp --icmp-type 8 -j ACCEPT
#iptables -A INPUT -p icmp --icmp-type 3 -j ACCEPT
#iptables -A INPUT -p icmp --icmp-type 11 -j ACCEPT
echo "Starting firewall.."
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
# tillåt loopback pls
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
# tillåt utg. dns-reqar
iptables -A OUTPUT -p udp -o $INET_IF --dport 53 --sport 1024:65535 -j ACCEPT
iptables -A INPUT -p udp -i $INET_IF --sport 53 --dport 1024:65535 -j ACCEPT
#tillåt IPV6
iptables -A INPUT -i $INET_IF -p ipv6 -j ACCEPT
#tillåt DHCP
iptables -A INPUT -p udp --sport 67 --dport 68 --source 10.64.0.7 -j ACCEPT
# tillåt inkommande
#iptables -A INPUT -m state --state NEW -p tcp --syn --destination-port 5555 -j$
#iptables -A INPUT -m state --state ESTABLISHED,RELATED -p tcp --destination-po$
iptables -A INPUT -m state --state NEW -p tcp --syn --destination-port 22 -j AC$
iptables -A INPUT -m state --state ESTABLISHED,RELATED -p tcp --destination-por$
iptables -A INPUT -m state --state NEW -p tcp --syn --destination-port 113 -j A$
iptables -A INPUT -m state --state ESTABLISHED,RELATED -p tcp --destination-por$
#iptables -A INPUT -m state --state NEW -p tcp --syn --destination-port 4899 -j$
#iptables -A INPUT -m state --state ESTABLISHED,RELATED -p tcp --destination-po$
#Portforaward till min arbetsdator
iptables -t nat -A PREROUTING -p tcp --dport 5555 -j DNAT --to 192.168.0.2:21
iptables -A FORWARD -p tcp --destination-port 21 -j ACCEPT
# IDENT
iptables -t nat -A PREROUTING -p tcp --dport 113 -j DNAT --to 192.168.0.2:113
iptables -A FORWARD -p tcp --destination-port 113 -j ACCEPT
#RADMIN
#iptables -t nat -A PREROUTING -p tcp --dport 4899 -j DNAT --to 192.168.0.2:4899
#iptables -A FORWARD -p tcp --destination-port 4899 -j ACCEPT
iptables -A FORWARD -i $LAN2_IF -j ACCEPT
# kasta new not syn-paket
iptables -A INPUT -i $INET_IF -p tcp ! --syn -m state --state NEW -j DROP
# tillåt hemma att komma in på fw
iptables -A INPUT -i $LAN_IF -j ACCEPT
iptables -A OUTPUT -o $LAN_IF -j ACCEPT
# spärra stängda nät på internet-if:et
iptables -A INPUT -i $INET_IF -s 192.168.0.0/24 -j DROP
iptables -A INPUT -i $INET_IF -s 127.0.0.0/8 -j DROP
# starta internetdelning
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -j MASQUERADE
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
#iptables -A FORWARD -t filter -i $LAN_IF -m state --state NEW,ESTABLISHED,RELA$
iptables -A FORWARD -i $LAN_IF -j ACCEPT
iptables -A FORWARD -i $INET_IF -m state --state ESTABLISHED,RELATED -j ACCEPT
# Logga och spärra resten
iptables -A INPUT -j logdrop
echo "Firewall should now be up and running!"
;;
*)
echo "Usage minfw <start|stop>";
;;
esac
Tacksam för relevanta svar.
