Re: routing zwischen 2 subnetzen

11 Aug 2008


      Am Sonntag, 10. August 2008 23:02:05 schrieb Andreas Koenecke:
...
Hallo.
* Sonntag, 10. August 2008 um 15:29 (+0200) schrieb Günter Ohmer:
...
Am Sonntag, 10. August 2008 13:57:42 schrieb Sandy Drobic:
...
Vermutlich ein iptables-Problem. Was sagt denn "iptables -L"?
Das ist ein bißchen länglich, aber wenn man weiß wo man hinschauen muss .. :-)
==============================================================
basar:~ # iptables -L
[...]
Ohne die Option "-v" ist 'iptables -L' IMHO ziemlich nutzlos, weil halt die
Interfaces fehlen...
Besser (nochmal) 'iptables -L FORWARD -nv' und
'iptables -L forward_int -nv' mailen.
Gruß
Andreas
-- 
Amarok spielt gerade nichts...
GPG-ID/Fingerprint: 6F28CF96/0B3B C287 30CE 21DF F37A  AF63 A46C D899 6F28 CF96
                  GPG-Key on request or on public keyservers
--
==================================================================================================================================
basar:~ # iptables -L FORWARD -nv
Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
   94  5528 TCPMSS     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:0x06/0x02 TCPMSS clamp to PMTU
 2118  126K forward_int  all  --  eth0   *       0.0.0.0/0            0.0.0.0/0
    0     0 forward_int  all  --  eth1   *       0.0.0.0/0            0.0.0.0/0
    0     0 forward_int  all  --  eth2   *       0.0.0.0/0            0.0.0.0/0
 3560 4941K forward_ext  all  --  dsl1   *       0.0.0.0/0            0.0.0.0/0
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 6 level 4 prefix `SFW2-FWD-ILL-ROUTING '
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0
==================================================================================================================================
basar:~ # iptables -L forward_int -nv
Chain forward_int (3 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 0 LOG flags 6 level 4 prefix `SFW2-FWDint-FWD-RELA'
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 0
    0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 3 LOG flags 6 level 4 prefix `SFW2-FWDint-FWD-RELA'
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 3
    0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 11 LOG flags 6 level 4 prefix `SFW2-FWDint-FWD-RELA'
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 11
    0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 12 LOG flags 6 level 4 prefix `SFW2-FWDint-FWD-RELA'
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 12
    0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 14 LOG flags 6 level 4 prefix `SFW2-FWDint-FWD-RELA'
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 14
    0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 18 LOG flags 6 level 4 prefix `SFW2-FWDint-FWD-RELA'
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 18
    0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 3 code 2 LOG flags 6 level 4 prefix `SFW2-FWDint-FWD-RELA'
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 3 code 2
    0     0 LOG        icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 5 LOG flags 6 level 4 prefix `SFW2-FWDint-FWD-RELA'
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED icmp type 5
 2141  127K LOG        all  --  eth0   dsl1    0.0.0.0/0            0.0.0.0/0           LOG flags 6 level 4 prefix `SFW2-FWDint-ACC-MASQ '
 2141  127K ACCEPT     all  --  eth0   dsl1    0.0.0.0/0            0.0.0.0/0           state NEW,RELATED,ESTABLISHED
    0     0 LOG        all  --  eth1   dsl1    0.0.0.0/0            0.0.0.0/0           LOG flags 6 level 4 prefix `SFW2-FWDint-ACC-MASQ '
    0     0 ACCEPT     all  --  eth1   dsl1    0.0.0.0/0            0.0.0.0/0           state NEW,RELATED,ESTABLISHED
    0     0 LOG        all  --  eth2   dsl1    0.0.0.0/0            0.0.0.0/0           LOG flags 6 level 4 prefix `SFW2-FWDint-ACC-MASQ '
    0     0 ACCEPT     all  --  eth2   dsl1    0.0.0.0/0            0.0.0.0/0           state NEW,RELATED,ESTABLISHED
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           PKTTYPE = multicast
    0     0 LOG        all  --  *      *       0.0.0.0/0            0.0.0.0/0           LOG flags 6 level 4 prefix `SFW2-FWDint-DROP-DEFLT '
    0     0 reject_func  all  --  *      *       0.0.0.0/0            0.0.0.0/0
==================================================================================================================================

Viele Grüße
Günter
-- 
Guenter Ohmer
Jahnstrasse 24
D 76865 Rohrbach
mailto:guenter.ohmer@gmx.de

-- 
Um die Liste abzubestellen, schicken Sie eine Mail an:
    opensuse-de+unsubscribe@opensuse.org
Um eine Liste aller verfuegbaren Kommandos zu bekommen, schicken
Sie eine Mail an: opensuse-de+help@opensuse.org