
routing/gateway help wanted

Discussion in 'General Discussion' started by Dionis, May 27, 2005.

    Hi there,
    I have a Linux box (CentOS 3.4) with a cPanel test license, which has two cards (eth0 and eth1). I use my Linux box as a router/gateway to the internet for my second box with Windows XP. My Linux box works fine. The problem is that I can't access web pages, email, or MSN on the internet from my Windows XP computer. I use this simple script, which is run by rc.local:



    # Load useful kernel modules
    modprobe ip_conntrack
    modprobe ip_conntrack_ftp
    modprobe ip_conntrack_irc
    modprobe ip_nat_ftp
    modprobe ipt_MASQUERADE

    # Disabling ECN if enabled (explicit congestion notification)
    if [ -e /proc/sys/net/ipv4/tcp_ecn ]
    then
        echo 0 > /proc/sys/net/ipv4/tcp_ecn
    fi

    # Enabling forwarding
    echo 1 > /proc/sys/net/ipv4/ip_forward

    # AntiSpoofing protection
    for x in lo eth0 eth1
    do
        echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
    done

    # Here is the place to define some variables

    publicaddr="xx.xx.xx.xx" #here my static IP address

    #First, flushing the existing rules
    iptables -F INPUT
    iptables -F OUTPUT
    iptables -F FORWARD
    iptables -F -t nat
    iptables -t nat -F PREROUTING
    iptables -t nat -F POSTROUTING
    iptables -t nat -F OUTPUT

    #Now defining the standard policy
    iptables -P INPUT ACCEPT
    iptables -P OUTPUT ACCEPT
    iptables -P FORWARD ACCEPT
    iptables -t nat -P PREROUTING ACCEPT
    iptables -t nat -P POSTROUTING ACCEPT
    iptables -t nat -P OUTPUT ACCEPT

    #Defining the real stuff !

    # Allow access to the firewall from the localnet
    iptables -A INPUT -s $localnet -d $privateaddr -j ACCEPT
    iptables -A INPUT -s $localnet -d $publicaddr -j ACCEPT

    # Allow access from ourself to us !
    iptables -A INPUT -i lo -j ACCEPT

    # Allow the firewall box to access the internet
    iptables -A INPUT -s $any -d $publicaddr -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Should we masquerade the localnet to internet ?
    iptables -t nat -A POSTROUTING -s $localnet -d $any -j MASQUERADE

    And my /etc/sysconfig/iptables is:


    # Firewall configuration written by redhat-config-securitylevel
    # Manual customization of this file is not recommended.
    :INPUT ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    :RH-Firewall-1-INPUT - [0:0]
    -A INPUT -j RH-Firewall-1-INPUT
    -A FORWARD -j RH-Firewall-1-INPUT
    -A RH-Firewall-1-INPUT -i lo -j ACCEPT
    -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
    -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
    -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

    Before, I used Plesk and everything worked fine for me. Now I have no idea why I can't access the web, email and MSN Messenger. ICQ etc. work fine on the Windows box. Maybe cPanel is blocking something?

    Thanks for your help in advance.
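
The script as posted assigns only `publicaddr` while its rules use `$localnet`, `$privateaddr` and `$any`, and it leaves the FORWARD policy at ACCEPT. The following is an added example, not part of the original post: a function that prints (without applying) a default-deny forwarding ruleset for a two-interface gateway and refuses empty parameters. Which interface faces the internet and the LAN subnet are assumptions, since the post does not state them.

```shell
#!/bin/sh
# Added example: prints (does not apply) a default-deny forwarding ruleset.
# Interface roles and the LAN subnet passed below are assumed sample values.

gateway_rules() {
    wan_if=$1
    lan_if=$2
    localnet=$3

    # An empty variable would expand to nothing and leave "-s"/"-i" without
    # an argument, so reject missing parameters before emitting any rule.
    for v in "$wan_if" "$lan_if" "$localnet"; do
        [ -n "$v" ] || { echo "gateway_rules: missing parameter" >&2; return 1; }
    done
    [ "$wan_if" != "$lan_if" ] || { echo "gateway_rules: WAN and LAN interface are the same" >&2; return 1; }
    case $localnet in
        */*) ;;
        *) echo "gateway_rules: localnet must be in CIDR form" >&2; return 1 ;;
    esac

    # Forwarding is denied by default; only LAN-originated traffic and its
    # replies are allowed, and LAN traffic leaving the WAN side is masqueraded.
    cat <<EOF
iptables -P FORWARD DROP
iptables -A FORWARD -i $lan_if -o $wan_if -s $localnet -j ACCEPT
iptables -A FORWARD -i $wan_if -o $lan_if -d $localnet -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $localnet -o $wan_if -j MASQUERADE
EOF
}

# Constructed sample values: eth0 as WAN, eth1 as LAN, 192.168.0.0/24 as the LAN.
gateway_rules eth0 eth1 192.168.0.0/24
```

Review the printed commands before running them as root; `echo 1 > /proc/sys/net/ipv4/ip_forward` from the posted script is still required for forwarding.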
