
routing/gateway help wanted

Discussion in 'General Discussion' started by Dionis, May 27, 2005.

  1. Dionis

    Dionis Registered

    Sep 4, 2004
    Hi there,
    I have a Linux box (CentOS 3.4) with a cPanel test license, which has two cards (eth0 and eth1). I use my Linux box as a router/gateway to the internet for my second box with Windows XP. My Linux box works fine. The problem is that I can't access web pages, email, or MSN on the internet from my Windows XP computer. I use this simple script, which is run by rc.local:



    # Load useful kernel modules
    modprobe ip_conntrack
    modprobe ip_conntrack_ftp
    modprobe ip_conntrack_irc
    modprobe ip_nat_ftp
    modprobe ipt_MASQUERADE

    # Disabling ECN if enabled (explicit congestion notification)
    if [ -e /proc/sys/net/ipv4/tcp_ecn ]
    then
        echo 0 > /proc/sys/net/ipv4/tcp_ecn
    fi

    # Enabling forwarding
    echo 1 > /proc/sys/net/ipv4/ip_forward

    # AntiSpoofing protection
    for x in lo eth0 eth1
    do
        echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
    done

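    # Here is the place to define some variables

    publicaddr="xx.xx.xx.xx" #here my static IP address
    # The rules below also use $privateaddr, $localnet and $any, which the
    # script as posted never sets; placeholders in the same style:
    privateaddr="xx.xx.xx.xx"   # placeholder: address of the LAN-side interface
    localnet="xx.xx.xx.xx/xx"   # placeholder: LAN subnet in CIDR form
    any="0.0.0.0/0"             # assumed meaning: every address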

    #First, flushing the existing rules
    iptables -F INPUT
    iptables -F OUTPUT
    iptables -F FORWARD
    iptables -F -t nat
    iptables -t nat -F PREROUTING
    iptables -t nat -F POSTROUTING
    iptables -t nat -F OUTPUT

    #Now defining the standard policy
    iptables -P INPUT ACCEPT
    iptables -P OUTPUT ACCEPT
    iptables -P FORWARD ACCEPT
    iptables -t nat -P PREROUTING ACCEPT
    iptables -t nat -P POSTROUTING ACCEPT
    iptables -t nat -P OUTPUT ACCEPT

    #Defining the real stuff !

    # Allow access to the firewall from the localnet
    iptables -A INPUT -s $localnet -d $privateaddr -j ACCEPT
    iptables -A INPUT -s $localnet -d $publicaddr -j ACCEPT

    # Allow access from ourself to us !
    iptables -A INPUT -i lo -j ACCEPT

    # Allow the firewall box to access the internet
    iptables -A INPUT -s $any -d $publicaddr -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Should we masquerade the localnet to internet ?
    iptables -t nat -A POSTROUTING -s $localnet -d $any -j MASQUERADE

    And my /etc/sysconfig/iptables is:


    # Firewall configuration written by redhat-config-securitylevel
    # Manual customization of this file is not recommended.
    :INPUT ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    :RH-Firewall-1-INPUT - [0:0]
    -A INPUT -j RH-Firewall-1-INPUT
    -A FORWARD -j RH-Firewall-1-INPUT
    -A RH-Firewall-1-INPUT -i lo -j ACCEPT
    -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
    -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
    -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

    Before, I used Plesk and everything worked fine for me. Now I have no idea why I can't access the web, email and MSN Messenger. ICQ etc. work fine on the Windows box. Maybe cPanel is blocking something?

    Thanks for your help in advance.
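
An added example, not part of the original post and not cPanel or Red Hat code: a shell/awk check, run over the /etc/sysconfig/iptables rules quoted in the post, that reports ACCEPT rules whose only match is `--state NEW`, later rules in the same chain that can no longer see new connections, and chains that jump unconditionally into such a chain. The function names and the finding labels (CATCHALL, NO_NEW, EXPOSED) are made up for this example.

```shell
# Constructed sample: the filter rules quoted in the post above, copied as-is.
sample_rules() {
  cat <<'EOF'
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
}

# audit_rules (name made up for this example) reads such rules on stdin and prints:
#   CATCHALL <chain> <n>    ACCEPT whose only match is "--state NEW" (or nothing)
#   NO_NEW   <chain> <n>    later rule in that chain that can no longer see NEW packets
#   EXPOSED  <chain> <user> unconditional jump into a chain that holds a CATCHALL
audit_rules() {
  awk '
    $1 != "-A" { next }                    # skip policy, table and comment lines
    { chain = $2; n[chain]++; target = ""; narrow = 0; states = ""
      for (i = 3; i <= NF; i++) {
        if ($i == "-j") { target = $(i + 1); break }      # the rest are target options
        if ($i == "-m" && $(i + 1) == "state") { i++; continue }
        if ($i == "--state") { states = $(i + 1); i++; continue }
        narrow = 1                         # -i, -p, --dport, -s ... narrow the rule
      }
      sees_new = (states == "" || ("," states ",") ~ /,NEW,/)
      if (wide[chain] && sees_new) print "NO_NEW", chain, n[chain]
      else if (target == "ACCEPT" && !narrow && sees_new) {
        wide[chain] = 1; print "CATCHALL", chain, n[chain] }
      else if (!narrow && states == "" && target !~ /^(ACCEPT|DROP|REJECT|RETURN|LOG)$/) {
        jumps++; src[jumps] = chain; dst[jumps] = target }
    }
    END { for (j = 1; j <= jumps; j++)
            if (wide[dst[j]]) print "EXPOSED", src[j], dst[j] }
  '
}

sample_rules | audit_rules
```

On the quoted rules this reports rule 6 of RH-Firewall-1-INPUT as a catch-all reached from both INPUT and FORWARD, so the closing REJECT only applies to packets whose conntrack state is not NEW, ESTABLISHED or RELATED. To audit a live file, feed it on stdin: `audit_rules < /etc/sysconfig/iptables`.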
