Solved

Odd IPTables Problem

Posted on 2004-09-20
6
191 Views
Last Modified: 2012-05-05
Looking for suggestions on this one, it's quite odd.  I have a small colocated network with 3 boxes.  1 Firewall with a public/private interface doing NAT, and 2 servers behind.  I've had to reset my IPTABLES rules already twice because I lose access to the box doing the firewall/NAT.  It works fine for a bit, then dies, denying me remote access to anything on the firewall, yet at the same time the NAT still works and I can reach services that I've mapped on the private network, just cannot reach the firewall box or any services on it.  ARRGH!  Any suggestions are appreicated.
0
Comment
Question by:sirebral
  • 2
  • 2
6 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 12114724
It would be a help to know what Linux distro and version are in use. It would also help to be able to see what IPtables rules you are using to set up the firewall.
0
 

Author Comment

by:sirebral
ID: 12115557
Linux is Fedora Core 1, all patches applied.  Firewall rules I can't get to right now as I cannot access the box, esentially I have.

Allow Established, Related
Allow lo
Allow Port 10000 (webmin)
Allow Port 22
Deny

And on the NAT I have mappings through to the private network and Masq outbound for all internal network addresses.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 12115714
I think I'll need to see the actual rules.
0
 

Author Comment

by:sirebral
ID: 12541808
Problem solved on my own, switched to FC2.  Please close this question.
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 16238481
PAQed with points refunded (125)

CetusMOD
Community Support Moderator
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This video discusses moving either the default database or any database to a new volume.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now