The Community Forums


routing/gateway help wanted

Discussion in 'General Discussion' started by Dionis, May 27, 2005.

  1. Dionis

    Hi there,
    I have a Linux box (CentOS 3.4) with a cPanel test license, which has two cards (eth0 and eth1). I use my Linux box as a router/gateway to the internet for my second box with Windows XP. My Linux box works fine. The problem is that I can't access web pages, email, or MSN on the internet from my Windows XP computer. I use this simple script, which is run by rc.local:

    -----------------------------------------------

    #!/bin/bash

    # Load useful kernel modules
    modprobe ip_conntrack
    modprobe ip_conntrack_ftp
    modprobe ip_conntrack_irc
    modprobe ip_nat_ftp
    modprobe ipt_MASQUERADE

    # Disabling ECN if enabled (explicit congestion notification)
    if [ -e /proc/sys/net/ipv4/tcp_ecn ]
    then
    echo 0 > /proc/sys/net/ipv4/tcp_ecn
    fi

    # Enabling forwarding
    echo 1 > /proc/sys/net/ipv4/ip_forward

    # AntiSpoofing protection
    for x in lo eth0 eth1
    do
    echo 1 > /proc/sys/net/ipv4/conf/${x}/rp_filter
    done

    # Here is the place to define some variables

    iptables="/sbin/iptables"
    publicaddr="xx.xx.xx.xx" #here my static IP address
    privateaddr="192.168.0.1"
    any="0.0.0.0/0"
    localnet="192.168.0.0/24"

    #First, flushing the existing rules
    iptables -F INPUT
    iptables -F OUTPUT
    iptables -F FORWARD
    iptables -F -t nat
    iptables -t nat -F PREROUTING
    iptables -t nat -F POSTROUTING
    iptables -t nat -F OUTPUT



    #Now defining the standard policy
    iptables -P INPUT ACCEPT
    iptables -P OUTPUT ACCEPT
    iptables -P FORWARD ACCEPT
    iptables -t nat -P PREROUTING ACCEPT
    iptables -t nat -P POSTROUTING ACCEPT
    iptables -t nat -P OUTPUT ACCEPT


    #Defining the real stuff !

    # Allow access to the firewall from the localnet
    iptables -A INPUT -s $localnet -d $privateaddr -j ACCEPT
    iptables -A INPUT -s $localnet -d $publicaddr -j ACCEPT

    # Allow access from ourself to us !
    iptables -A INPUT -i lo -j ACCEPT

    # Allow the firewall box to access the internet
    iptables -A INPUT -s $any -d $publicaddr -m state --state ESTABLISHED,RELATED -j ACCEPT

    # Should we masquerade the localnet to internet ?
    iptables -t nat -A POSTROUTING -s $localnet -d $any -j MASQUERADE

    -------------------------------------
    and my /etc/sysconfig/iptables is:

    ---------------------------------------

    # Firewall configuration written by redhat-config-securitylevel
    # Manual customization of this file is not recommended.
    *filter
    :INPUT ACCEPT [0:0]
    :FORWARD ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    :RH-Firewall-1-INPUT - [0:0]
    -A INPUT -j RH-Firewall-1-INPUT
    -A FORWARD -j RH-Firewall-1-INPUT
    -A RH-Firewall-1-INPUT -i lo -j ACCEPT
    -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
    -A RH-Firewall-1-INPUT -p 50 -j ACCEPT
    -A RH-Firewall-1-INPUT -p 51 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state NEW -j ACCEPT
    -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
    COMMIT
    --------------------------------------

    Before, I used Plesk and everything worked fine for me. Now I have no idea why I can't access the web, email and MSN Messenger. ICQ etc. works fine on the Windows box. Maybe cPanel is blocking something?

    Thanks for your help in advance.
    Alex
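
An added example, not part of the original post and not cPanel code: a small audit over iptables-save style text such as the /etc/sysconfig/iptables file quoted above. It flags a rule whose only match is connection state NEW (it accepts every new connection, so the REJECT after it is never reached by that traffic) and built-in filter chains with policy ACCEPT and nothing but ACCEPT rules. The function names and finding labels are made up for this example, and the sample input is constructed from the posted file with the ICMP and protocol 50/51 lines left out.

```shell
#!/bin/bash

# Constructed sample: the *filter table from the post, ICMP and proto 50/51 lines omitted.
sample_rules() {
cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# audit_rules (hypothetical helper): reads rules on stdin, prints one finding per line.
audit_rules() {
  awk '
    { sub(/^[ \t]+/, "") }                       # tolerate indented pastes
    /^\*/ { infilter = ($1 == "*filter"); next } # only the filter table is audited
    !infilter { next }
    /^:/ {                                       # ":CHAIN POLICY [pkts:bytes]"
      chain = substr($1, 2); policy[chain] = $2; order[++n] = chain; next
    }
    $1 == "-A" {
      chain = $2; target = ""
      for (i = 3; i < NF; i++) if ($i == "-j") target = $(i + 1)
      if (target != "ACCEPT") other[chain]++     # jump, DROP, REJECT, LOG, ...
      spec = $0; sub(/^-A [^ ]+ /, "", spec)
      # The only match is conntrack state NEW: every new connection is accepted.
      if (spec ~ /^-m (state --state|conntrack --ctstate) NEW -j ACCEPT$/)
        print "ACCEPT-ALL-NEW " chain
    }
    END {
      for (i = 1; i <= n; i++) {
        c = order[i]
        # Policy ACCEPT and nothing but ACCEPT rules (or no rules at all).
        if (policy[c] == "ACCEPT" && other[c] == 0) print "UNFILTERED " c
      }
    }'
}

sample_rules | audit_rules
```

Fed the output of `iptables-save` taken after the rc.local script above has flushed INPUT and FORWARD and appended only ACCEPT rules, the same check reports those two chains as UNFILTERED as well.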
     