Chciałby nadawać przez shoutcasta:
adres serwera: 192.168.0.1
adres klieta nadajacego: 192.168.0.2
wyjscie na net: ppp0
Firewall standardowy
Jak zrobic zeby nadawac nie tylko dla tych w sieci LAN?
Probopwałem przekierować port 8000 ale mi nie działa
Prosze o pomoc i jakies przykłady
Dzieki
moj iptables.rules
# Generated by iptables-save v1.3.1 on Thu Nov 24 16:23:58 2005
*filter
:INPUT DROP [11634:955560]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [28034:4263304]
:liczeniex - [0:0]
:mrtg_traffic - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m multiport --dports 135,445 -j DROP
-A INPUT -p tcp -m tcp --dport 113 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -p tcp -m tcp --dport 1080 -j REJECT --reject-with icmp-port-unreachable
-A INPUT -i ppp0 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -m limit --limit 1/sec -j ACCEPT
-A INPUT -i ! ppp0 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i ppp0 -p tcp -m tcp --dport 8000 -j ACCEPT
-A FORWARD -j mrtg_traffic
-A FORWARD -d 192.168.0.2 -p udp -m udp --dport 4672 -j ACCEPT
-A FORWARD -j liczeniex
-A FORWARD -d 192.168.0.2 -p udp -m udp --dport 4665 -j ACCEPT
-A FORWARD -d 192.168.0.2 -p tcp -m tcp --dport 4662 -j ACCEPT
-A FORWARD -d 192.168.0.2 -p tcp -m tcp --dport 4661 -j ACCEPT
-A FORWARD -d 192.168.0.2 -p tcp -m tcp --dport 8000 -j ACCEPT
-A FORWARD -o lo -j ACCEPT
-A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -p tcp -m multiport --dports 135,445 -j DROP
-A FORWARD -i ! ppp0 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A liczeniex -d 192.168.0.2 -j RETURN
-A liczeniex -d 192.168.1.2 -j RETURN
-A mrtg_traffic -d 127.0.0.1 -j RETURN
-A mrtg_traffic -s 127.0.0.1 -j RETURN
-A mrtg_traffic -d 192.168.0.1 -j RETURN
-A mrtg_traffic -s 192.168.0.1 -j RETURN
-A mrtg_traffic -d 192.168.1.1 -j RETURN
-A mrtg_traffic -s 192.168.1.1 -j RETURN
-A mrtg_traffic -d 192.168.0.2 -j RETURN
-A mrtg_traffic -s 192.168.0.2 -j RETURN
-A mrtg_traffic -d 192.168.1.2 -j RETURN
-A mrtg_traffic -s 192.168.1.2 -j RETURN
COMMIT
# Completed on Thu Nov 24 16:23:58 2005
# Generated by iptables-save v1.3.1 on Thu Nov 24 16:23:58 2005
*mangle
:PREROUTING ACCEPT [3174766:1161212889]
:INPUT ACCEPT [57110:6661898]
:FORWARD ACCEPT [3117622:1154519879]
:OUTPUT ACCEPT [28034:4263304]
:POSTROUTING ACCEPT [3146310:1158924765]
COMMIT
# Completed on Thu Nov 24 16:23:58 2005
# Generated by iptables-save v1.3.1 on Thu Nov 24 16:23:58 2005
*nat
:PREROUTING ACCEPT [136339:7554118]
:POSTROUTING ACCEPT [34531:1801645]
:OUTPUT ACCEPT [883:117380]
-A PREROUTING -i ppp0 -p udp -m udp --dport 8000 -j DNAT --to-destination 192.168.0.2
-A PREROUTING -i ppp0 -p udp -m udp --dport 4672 -j DNAT --to-destination 192.168.0.2
-A PREROUTING -i ppp0 -p udp -m udp --dport 4665 -j DNAT --to-destination 192.168.0.2
-A PREROUTING -i ppp0 -p tcp -m tcp --dport 4662 -j DNAT --to-destination 192.168.0.2
-A PREROUTING -i ppp0 -p tcp -m tcp --dport 4661 -j DNAT --to-destination 192.168.0.2
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
# Completed on Thu Nov 24 16:23:58 2005