 |  |  |  |  |  |  |  |
Port Forwarding
Thread Solved |
Hello all.
After passing for some days trying to configure ip forwarding under debian i've understood that there is some problem with them.
So now i'm looking for any stand-alone app, not a firewall to handle the port forwarding.
Would be glad for any information.
If you have some skill with iptables, you could pass by
http://ubuntuforums.org/showthread.php?t=1282215
and
http://forums.debian.net/viewtopic.php?f=10&t=45715
Thanks in advance.
After passing for some days trying to configure ip forwarding under debian i've understood that there is some problem with them.
So now i'm looking for any stand-alone app, not a firewall to handle the port forwarding.
Would be glad for any information.
If you have some skill with iptables, you could pass by
http://ubuntuforums.org/showthread.php?t=1282215
and
http://forums.debian.net/viewtopic.php?f=10&t=45715
Thanks in advance.
1
#2 Oct 11th, 2009
I don't understand the question. There aren't any problems with iptables, you can port forward with it.
0
#3 Oct 11th, 2009
If you have passed by any of the given links you would see that there is a problem(in my case).
Here is the list of what i tryied and the responses:
As you see,none gives "open".
Here is the list of what i tryied and the responses:
iptables -A tcp_packets -p TCP -s 0/0 --dport 139 -j ACCEPT iptables -A udpincoming_packets -p UDP -s 0/0 --source-port 139 -j ACCEPT iptables -t nat -A PREROUTING -p tcp -d 83.132.157.123 --dport 139 -j DNAT --to 192.168.0.200:139 //filtered iptables -t nat -I PREROUTING -p tcp -i eth0 --dport 139 -j DNAT --to 192.168.0.200:139 //filtered iptables -t nat -A PREROUTING -p tcp -i eth0 -d 83.132.157.123 --dport 139 -j DNAT --to 192.168.0.200:139 iptables -A FORWARD -p tcp -i eth0 -d 192.168.0.200 --dport 139 -j ACCEPT //closed <- host down iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 139 -j DNAT --to 192.168.0.200:139 iptables -A FORWARD -p tcp -i eth0 -d 192.168.0.200 --dport 139 -j ACCEPT //filtered iptables -t nat -I PREROUTING -p tcp -i eth0 --dport 139 -j DNAT --to 192.168.0.200:139 iptables -A FORWARD -p tcp -i eth0 -d 83.132.157.123 --dport 139 -j ACCEPT //filtered <- host down iptables -t nat -I PREROUTING -p tcp -i eth0 --dport 139 -j DNAT --to 192.168.0.200:139 iptables -A FORWARD -p tcp -i eth0 --dport 139 -j ACCEPT //filtered
1
#4 Oct 11th, 2009
I don't think any of the posts have clearly explained what you are trying to accomplish.
What is neden?
Server eth0: Dynamic Public IP
Server eth1: LAN Address space 192.168.0.1/255.255.255.0
SSH Machine: 192.168.0.200
Clients: 192.168.0.2 and 192.168.0.3.
How are your clients and server running on what appears to be the same address space/subnet even though they traverse a router? I don't think your network diagram is complete. I also saw you had 10.x address bindings on your server. Is this a result of bridged connections for internet sharing with your virtual machine?
•
•
•
•
Internet->server(eth0)->server(eth1)->router->clients.
Router cant be the first to connect to the internet because it doesnt have the neden port.
Server eth0: Dynamic Public IP
Server eth1: LAN Address space 192.168.0.1/255.255.255.0
SSH Machine: 192.168.0.200
Clients: 192.168.0.2 and 192.168.0.3.
How are your clients and server running on what appears to be the same address space/subnet even though they traverse a router? I don't think your network diagram is complete. I also saw you had 10.x address bindings on your server. Is this a result of bridged connections for internet sharing with your virtual machine?
0
#5 Oct 11th, 2009
10.10.0.x is my vpn, that works fine.
all the clients (192.168.0.x) now have internet.
The machine where the connection should "enter" is the server.
All the connections made to it from the internet on port 135, should be redirected to the machine that has ip 192.168.0.200 on the same port.
all the clients (192.168.0.x) now have internet.
The machine where the connection should "enter" is the server.
All the connections made to it from the internet on port 135, should be redirected to the machine that has ip 192.168.0.200 on the same port.
1
#6 Oct 11th, 2009
Its going to show filtered if it didn't receive a closed response, so if the port forwarding was set up incorrectly it would show filtered as I suspect is the case here.
Obviously your machine doing the routing is debian linux. What OS is the machine you're trying to forward to? In your other posts you mention port :21 and now you're mentioning port 135. From what I can tell you're talking about TCP but you also refer to UDP:
Plus you're appending rules to chains that you don't show are targeted in the pastes your posting here. What I see is a lot of incomplete information....
On your table doing the packeting switching/routing (iptables) post the output from:
If the machine on 192.168.0.200 is Linux please provide the same output.
Obviously your machine doing the routing is debian linux. What OS is the machine you're trying to forward to? In your other posts you mention port :21 and now you're mentioning port 135. From what I can tell you're talking about TCP but you also refer to UDP:
iptables -A tcp_packets -p TCP -s 0/0 --dport 139 -j ACCEPT iptables -A udpincoming_packets -p UDP -s 0/0 --source-port 139 -j ACCEPT
Plus you're appending rules to chains that you don't show are targeted in the pastes your posting here. What I see is a lot of incomplete information....
On your table doing the packeting switching/routing (iptables) post the output from:
root@svn:~# arp -a root@svn:~# ifconfig -a root@svn:~# iptables-save root@svn:~# route -n root@svn:~# cat /etc/network/interfaces root@svn:~# sysctl net.ipv4
If the machine on 192.168.0.200 is Linux please provide the same output.
Last edited by sknake; Oct 11th, 2009 at 2:18 pm.
0
#7 Oct 11th, 2009
Sorry for providing diferent ports, but the ideia is to have a rule (2 or 3 lines code) with some port (for example 139) to easily set up port forwarding to any port.
Machine 192.168.0.200 is also a debian machine, that runs a honeypot (nepenthes) on a variety of ports.
From lan i can easily connect to it using 139/135/21/etc(but i dont need internet connection there so it doesnt have gateway defined).
The output of the commands you asked:
server:/home/jen140# arp -a
server:/home/jen140# ifconfig -a
server:/home/jen140# iptables-save
server:/home/jen140# route -n
server:/home/jen140# cat /etc/network/interfaces
server:/home/jen140# sysctl net.ipv4
Machine 192.168.0.200 is also a debian machine, that runs a honeypot (nepenthes) on a variety of ports.
From lan i can easily connect to it using 139/135/21/etc(but i dont need internet connection there so it doesnt have gateway defined).
The output of the commands you asked:
server:/home/jen140# arp -a
? (192.168.0.88) at 00:0c:29:4d:75:d6 [ether] on eth1 ? (192.168.0.3) at 00:23:54:51:a3:b7 [ether] on eth1 a213-22-129-254.cpe.netcabo.pt (213.22.129.254) at 00:05:5f:ef:a4:01 [ether] on eth0
eth0 Link encap:Ethernet HWaddr 00:13:f7:cb:9a:0b
inet addr:213.22.128.X Bcast:213.22.129.255 Mask:255.255.254.0
inet6 addr: fe80::213:f7ff:fecb:9a0b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1050560 errors:0 dropped:0 overruns:0 frame:0
TX packets:797253 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1172372697 (1.0 GiB) TX bytes:249272821 (237.7 MiB)
Interrupt:18 Base address:0xb000
eth1 Link encap:Ethernet HWaddr 00:0e:2e:f2:2d:e3
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20e:2eff:fef2:2de3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:869657 errors:0 dropped:0 overruns:0 frame:0
TX packets:1125051 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:258204867 (246.2 MiB) TX bytes:1178122158 (1.0 GiB)
Interrupt:19 Base address:0xb400
eth2 Link encap:Ethernet HWaddr 00:0c:76:c1:32:3f
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:20 Base address:0xb800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:3608 errors:0 dropped:0 overruns:0 frame:0
TX packets:3608 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:157737 (154.0 KiB) TX bytes:157737 (154.0 KiB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.10.0.1 P-t-P:10.10.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:93280 errors:0 dropped:0 overruns:0 frame:0
TX packets:93288 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:4488716 (4.2 MiB) TX bytes:3768244 (3.5 MiB)
vboxnet0 Link encap:Ethernet HWaddr 0a:00:27:00:00:00
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)# Generated by iptables-save v1.4.5 on Sun Oct 11 19:31:11 2009 *nat :PREROUTING ACCEPT [135806:7435880] :POSTROUTING ACCEPT [1736:77699] :OUTPUT ACCEPT [18860:1281505] -A POSTROUTING -o eth0 -j MASQUERADE COMMIT # Completed on Sun Oct 11 19:31:11 2009 # Generated by iptables-save v1.4.5 on Sun Oct 11 19:31:11 2009 *filter :INPUT ACCEPT [225895:22253800] :FORWARD ACCEPT [1810663:1406118105] :OUTPUT ACCEPT [228365:18349217] COMMIT # Completed on Sun Oct 11 19:31:11 2009
Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.10.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 10.10.0.0 10.10.0.2 255.255.255.0 UG 0 0 0 tun0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 213.22.128.0 0.0.0.0 255.255.254.0 U 0 0 0 eth0 0.0.0.0 213.22.129.254 0.0.0.0 UG 0 0 0 eth0
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 iface eth0 inet dhcp
net.ipv4.tcp_timestamps = 1 net.ipv4.tcp_window_scaling = 1 net.ipv4.tcp_sack = 1 net.ipv4.tcp_retrans_collapse = 1 net.ipv4.ip_default_ttl = 64 net.ipv4.ip_no_pmtu_disc = 0 net.ipv4.ip_nonlocal_bind = 0 net.ipv4.tcp_syn_retries = 5 net.ipv4.tcp_synack_retries = 5 net.ipv4.tcp_max_orphans = 32768 net.ipv4.tcp_max_tw_buckets = 180000 net.ipv4.ip_dynaddr = 0 net.ipv4.tcp_keepalive_time = 7200 net.ipv4.tcp_keepalive_probes = 9 net.ipv4.tcp_keepalive_intvl = 75 net.ipv4.tcp_retries1 = 3 net.ipv4.tcp_retries2 = 15 net.ipv4.tcp_fin_timeout = 60 net.ipv4.tcp_syncookies = 0 net.ipv4.tcp_tw_recycle = 0 net.ipv4.tcp_abort_on_overflow = 0 net.ipv4.tcp_stdurg = 0 net.ipv4.tcp_rfc1337 = 0 net.ipv4.tcp_max_syn_backlog = 1024 net.ipv4.ip_local_port_range = 32768 61000 net.ipv4.route.gc_thresh = 32768 net.ipv4.route.max_size = 524288 net.ipv4.route.gc_min_interval = 0 net.ipv4.route.gc_min_interval_ms = 500 net.ipv4.route.gc_timeout = 300 net.ipv4.route.gc_interval = 60 net.ipv4.route.redirect_load = 5 net.ipv4.route.redirect_number = 9 net.ipv4.route.redirect_silence = 5120 net.ipv4.route.error_cost = 250 net.ipv4.route.error_burst = 1250 net.ipv4.route.gc_elasticity = 8 net.ipv4.route.mtu_expires = 600 net.ipv4.route.min_pmtu = 552 net.ipv4.route.min_adv_mss = 256 net.ipv4.route.secret_interval = 600 net.ipv4.igmp_max_memberships = 20 net.ipv4.igmp_max_msf = 10 net.ipv4.inet_peer_threshold = 65664 net.ipv4.inet_peer_minttl = 120 net.ipv4.inet_peer_maxttl = 600 net.ipv4.inet_peer_gc_mintime = 10 net.ipv4.inet_peer_gc_maxtime = 120 net.ipv4.tcp_orphan_retries = 0 net.ipv4.tcp_fack = 1 net.ipv4.tcp_reordering = 3 net.ipv4.tcp_ecn = 0 net.ipv4.tcp_dsack = 1 net.ipv4.tcp_mem = 84192 112256 168384 net.ipv4.tcp_wmem = 4096 16384 3592192 net.ipv4.tcp_rmem = 4096 87380 3592192 net.ipv4.tcp_app_win = 31 net.ipv4.tcp_adv_win_scale = 2 net.ipv4.tcp_tw_reuse = 0 net.ipv4.tcp_frto = 2 net.ipv4.tcp_frto_response = 0 net.ipv4.tcp_low_latency = 0 net.ipv4.tcp_no_metrics_save = 0 net.ipv4.tcp_moderate_rcvbuf = 1 net.ipv4.tcp_tso_win_divisor = 3 net.ipv4.tcp_congestion_control = cubic net.ipv4.tcp_abc = 0 net.ipv4.tcp_mtu_probing = 0 net.ipv4.tcp_base_mss = 512 net.ipv4.tcp_workaround_signed_windows = 0 net.ipv4.tcp_dma_copybreak = 4096 net.ipv4.tcp_slow_start_after_idle = 1 net.ipv4.tcp_available_congestion_control = cubic reno net.ipv4.tcp_allowed_congestion_control = cubic reno net.ipv4.tcp_max_ssthresh = 0 net.ipv4.udp_mem = 97440 129920 194880 net.ipv4.udp_rmem_min = 4096 net.ipv4.udp_wmem_min = 4096 net.ipv4.netfilter.ip_conntrack_generic_timeout = 600 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_sent = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_syn_recv = 60 net.ipv4.netfilter.ip_conntrack_tcp_timeout_established = 432000 net.ipv4.netfilter.ip_conntrack_tcp_timeout_fin_wait = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_close_wait = 60 net.ipv4.netfilter.ip_conntrack_tcp_timeout_last_ack = 30 net.ipv4.netfilter.ip_conntrack_tcp_timeout_time_wait = 120 net.ipv4.netfilter.ip_conntrack_tcp_timeout_close = 10 net.ipv4.netfilter.ip_conntrack_tcp_timeout_max_retrans = 300 net.ipv4.netfilter.ip_conntrack_tcp_loose = 1 net.ipv4.netfilter.ip_conntrack_tcp_be_liberal = 0 net.ipv4.netfilter.ip_conntrack_tcp_max_retrans = 3 net.ipv4.netfilter.ip_conntrack_udp_timeout = 30 net.ipv4.netfilter.ip_conntrack_udp_timeout_stream = 180 net.ipv4.netfilter.ip_conntrack_icmp_timeout = 30 net.ipv4.netfilter.ip_conntrack_max = 65536 net.ipv4.netfilter.ip_conntrack_count = 273 net.ipv4.netfilter.ip_conntrack_buckets = 16384 net.ipv4.netfilter.ip_conntrack_checksum = 1 net.ipv4.netfilter.ip_conntrack_log_invalid = 0 net.ipv4.neigh.default.mcast_solicit = 3 net.ipv4.neigh.default.ucast_solicit = 3 net.ipv4.neigh.default.app_solicit = 0 net.ipv4.neigh.default.retrans_time = 100 net.ipv4.neigh.default.base_reachable_time = 30 net.ipv4.neigh.default.delay_first_probe_time = 5 net.ipv4.neigh.default.gc_stale_time = 60 net.ipv4.neigh.default.unres_qlen = 3 net.ipv4.neigh.default.proxy_qlen = 64 net.ipv4.neigh.default.anycast_delay = 100 net.ipv4.neigh.default.proxy_delay = 80 net.ipv4.neigh.default.locktime = 100 net.ipv4.neigh.default.retrans_time_ms = 1000 net.ipv4.neigh.default.base_reachable_time_ms = 30000 net.ipv4.neigh.default.gc_interval = 30 net.ipv4.neigh.default.gc_thresh1 = 128 net.ipv4.neigh.default.gc_thresh2 = 512 net.ipv4.neigh.default.gc_thresh3 = 1024 net.ipv4.neigh.lo.mcast_solicit = 3 net.ipv4.neigh.lo.ucast_solicit = 3 net.ipv4.neigh.lo.app_solicit = 0 net.ipv4.neigh.lo.retrans_time = 100 net.ipv4.neigh.lo.base_reachable_time = 30 net.ipv4.neigh.lo.delay_first_probe_time = 5 net.ipv4.neigh.lo.gc_stale_time = 60 net.ipv4.neigh.lo.unres_qlen = 3 net.ipv4.neigh.lo.proxy_qlen = 64 net.ipv4.neigh.lo.anycast_delay = 100 net.ipv4.neigh.lo.proxy_delay = 80 net.ipv4.neigh.lo.locktime = 100 net.ipv4.neigh.lo.retrans_time_ms = 1000 net.ipv4.neigh.lo.base_reachable_time_ms = 30000 net.ipv4.neigh.eth0.mcast_solicit = 3 net.ipv4.neigh.eth0.ucast_solicit = 3 net.ipv4.neigh.eth0.app_solicit = 0 net.ipv4.neigh.eth0.retrans_time = 100 net.ipv4.neigh.eth0.base_reachable_time = 30 net.ipv4.neigh.eth0.delay_first_probe_time = 5 net.ipv4.neigh.eth0.gc_stale_time = 60 net.ipv4.neigh.eth0.unres_qlen = 3 net.ipv4.neigh.eth0.proxy_qlen = 64 net.ipv4.neigh.eth0.anycast_delay = 100 net.ipv4.neigh.eth0.proxy_delay = 80 net.ipv4.neigh.eth0.locktime = 100 net.ipv4.neigh.eth0.retrans_time_ms = 1000 net.ipv4.neigh.eth0.base_reachable_time_ms = 30000 net.ipv4.neigh.eth1.mcast_solicit = 3 net.ipv4.neigh.eth1.ucast_solicit = 3 net.ipv4.neigh.eth1.app_solicit = 0 net.ipv4.neigh.eth1.retrans_time = 100 net.ipv4.neigh.eth1.base_reachable_time = 30 net.ipv4.neigh.eth1.delay_first_probe_time = 5 net.ipv4.neigh.eth1.gc_stale_time = 60 net.ipv4.neigh.eth1.unres_qlen = 3 net.ipv4.neigh.eth1.proxy_qlen = 64 net.ipv4.neigh.eth1.anycast_delay = 100 net.ipv4.neigh.eth1.proxy_delay = 80 net.ipv4.neigh.eth1.locktime = 100 net.ipv4.neigh.eth1.retrans_time_ms = 1000 net.ipv4.neigh.eth1.base_reachable_time_ms = 30000 net.ipv4.neigh.eth2.mcast_solicit = 3 net.ipv4.neigh.eth2.ucast_solicit = 3 net.ipv4.neigh.eth2.app_solicit = 0 net.ipv4.neigh.eth2.retrans_time = 100 net.ipv4.neigh.eth2.base_reachable_time = 30 net.ipv4.neigh.eth2.delay_first_probe_time = 5 net.ipv4.neigh.eth2.gc_stale_time = 60 net.ipv4.neigh.eth2.unres_qlen = 3 net.ipv4.neigh.eth2.proxy_qlen = 64 net.ipv4.neigh.eth2.anycast_delay = 100 net.ipv4.neigh.eth2.proxy_delay = 80 net.ipv4.neigh.eth2.locktime = 100 net.ipv4.neigh.eth2.retrans_time_ms = 1000 net.ipv4.neigh.eth2.base_reachable_time_ms = 30000 net.ipv4.neigh.tun0.mcast_solicit = 3 net.ipv4.neigh.tun0.ucast_solicit = 3 net.ipv4.neigh.tun0.app_solicit = 0 net.ipv4.neigh.tun0.retrans_time = 100 net.ipv4.neigh.tun0.base_reachable_time = 30 net.ipv4.neigh.tun0.delay_first_probe_time = 5 net.ipv4.neigh.tun0.gc_stale_time = 60 net.ipv4.neigh.tun0.unres_qlen = 3 net.ipv4.neigh.tun0.proxy_qlen = 64 net.ipv4.neigh.tun0.anycast_delay = 100 net.ipv4.neigh.tun0.proxy_delay = 80 net.ipv4.neigh.tun0.locktime = 100 net.ipv4.neigh.tun0.retrans_time_ms = 1000 net.ipv4.neigh.tun0.base_reachable_time_ms = 30000 net.ipv4.neigh.vboxnet0.mcast_solicit = 3 net.ipv4.neigh.vboxnet0.ucast_solicit = 3 net.ipv4.neigh.vboxnet0.app_solicit = 0 net.ipv4.neigh.vboxnet0.retrans_time = 100 net.ipv4.neigh.vboxnet0.base_reachable_time = 30 net.ipv4.neigh.vboxnet0.delay_first_probe_time = 5 net.ipv4.neigh.vboxnet0.gc_stale_time = 60 net.ipv4.neigh.vboxnet0.unres_qlen = 3 net.ipv4.neigh.vboxnet0.proxy_qlen = 64 net.ipv4.neigh.vboxnet0.anycast_delay = 100 net.ipv4.neigh.vboxnet0.proxy_delay = 80 net.ipv4.neigh.vboxnet0.locktime = 100 net.ipv4.neigh.vboxnet0.retrans_time_ms = 1000 net.ipv4.neigh.vboxnet0.base_reachable_time_ms = 30000 net.ipv4.conf.all.forwarding = 1 net.ipv4.conf.all.mc_forwarding = 0 net.ipv4.conf.all.accept_redirects = 0 net.ipv4.conf.all.secure_redirects = 1 net.ipv4.conf.all.shared_media = 1 net.ipv4.conf.all.rp_filter = 0 net.ipv4.conf.all.send_redirects = 1 net.ipv4.conf.all.accept_source_route = 0 net.ipv4.conf.all.proxy_arp = 0 net.ipv4.conf.all.medium_id = 0 net.ipv4.conf.all.bootp_relay = 0 net.ipv4.conf.all.log_martians = 0 net.ipv4.conf.all.tag = 0 net.ipv4.conf.all.arp_filter = 0 net.ipv4.conf.all.arp_announce = 0 net.ipv4.conf.all.arp_ignore = 0 net.ipv4.conf.all.arp_accept = 0 net.ipv4.conf.all.disable_xfrm = 0 net.ipv4.conf.all.disable_policy = 0 net.ipv4.conf.all.force_igmp_version = 0 net.ipv4.conf.all.promote_secondaries = 0 net.ipv4.conf.default.forwarding = 1 net.ipv4.conf.default.mc_forwarding = 0 net.ipv4.conf.default.accept_redirects = 1 net.ipv4.conf.default.secure_redirects = 1 net.ipv4.conf.default.shared_media = 1 net.ipv4.conf.default.rp_filter = 0 net.ipv4.conf.default.send_redirects = 1 net.ipv4.conf.default.accept_source_route = 1 net.ipv4.conf.default.proxy_arp = 0 net.ipv4.conf.default.medium_id = 0 net.ipv4.conf.default.bootp_relay = 0 net.ipv4.conf.default.log_martians = 0 net.ipv4.conf.default.tag = 0 net.ipv4.conf.default.arp_filter = 0 net.ipv4.conf.default.arp_announce = 0 net.ipv4.conf.default.arp_ignore = 0 net.ipv4.conf.default.arp_accept = 0 net.ipv4.conf.default.disable_xfrm = 0 net.ipv4.conf.default.disable_policy = 0 net.ipv4.conf.default.force_igmp_version = 0 net.ipv4.conf.default.promote_secondaries = 0 net.ipv4.conf.lo.forwarding = 1 net.ipv4.conf.lo.mc_forwarding = 0 net.ipv4.conf.lo.accept_redirects = 1 net.ipv4.conf.lo.secure_redirects = 1 net.ipv4.conf.lo.shared_media = 1 net.ipv4.conf.lo.rp_filter = 0 net.ipv4.conf.lo.send_redirects = 1 net.ipv4.conf.lo.accept_source_route = 1 net.ipv4.conf.lo.proxy_arp = 0 net.ipv4.conf.lo.medium_id = 0 net.ipv4.conf.lo.bootp_relay = 0 net.ipv4.conf.lo.log_martians = 0 net.ipv4.conf.lo.tag = 0 net.ipv4.conf.lo.arp_filter = 0 net.ipv4.conf.lo.arp_announce = 0 net.ipv4.conf.lo.arp_ignore = 0 net.ipv4.conf.lo.arp_accept = 0 net.ipv4.conf.lo.disable_xfrm = 1 net.ipv4.conf.lo.disable_policy = 1 net.ipv4.conf.lo.force_igmp_version = 0 net.ipv4.conf.lo.promote_secondaries = 0 net.ipv4.conf.eth0.forwarding = 1 net.ipv4.conf.eth0.mc_forwarding = 0 net.ipv4.conf.eth0.accept_redirects = 1 net.ipv4.conf.eth0.secure_redirects = 1 net.ipv4.conf.eth0.shared_media = 1 net.ipv4.conf.eth0.rp_filter = 0 net.ipv4.conf.eth0.send_redirects = 1 net.ipv4.conf.eth0.accept_source_route = 1 net.ipv4.conf.eth0.proxy_arp = 0 net.ipv4.conf.eth0.medium_id = 0 net.ipv4.conf.eth0.bootp_relay = 0 net.ipv4.conf.eth0.log_martians = 0 net.ipv4.conf.eth0.tag = 0 net.ipv4.conf.eth0.arp_filter = 0 net.ipv4.conf.eth0.arp_announce = 0 net.ipv4.conf.eth0.arp_ignore = 0 net.ipv4.conf.eth0.arp_accept = 0 net.ipv4.conf.eth0.disable_xfrm = 0 net.ipv4.conf.eth0.disable_policy = 0 net.ipv4.conf.eth0.force_igmp_version = 0 net.ipv4.conf.eth0.promote_secondaries = 0 net.ipv4.conf.eth1.forwarding = 1 net.ipv4.conf.eth1.mc_forwarding = 0 net.ipv4.conf.eth1.accept_redirects = 1 net.ipv4.conf.eth1.secure_redirects = 1 net.ipv4.conf.eth1.shared_media = 1 net.ipv4.conf.eth1.rp_filter = 0 net.ipv4.conf.eth1.send_redirects = 1 net.ipv4.conf.eth1.accept_source_route = 1 net.ipv4.conf.eth1.proxy_arp = 0 net.ipv4.conf.eth1.medium_id = 0 net.ipv4.conf.eth1.bootp_relay = 0 net.ipv4.conf.eth1.log_martians = 0 net.ipv4.conf.eth1.tag = 0 net.ipv4.conf.eth1.arp_filter = 0 net.ipv4.conf.eth1.arp_announce = 0 net.ipv4.conf.eth1.arp_ignore = 0 net.ipv4.conf.eth1.arp_accept = 0 net.ipv4.conf.eth1.disable_xfrm = 0 net.ipv4.conf.eth1.disable_policy = 0 net.ipv4.conf.eth1.force_igmp_version = 0 net.ipv4.conf.eth1.promote_secondaries = 0 net.ipv4.conf.eth2.forwarding = 1 net.ipv4.conf.eth2.mc_forwarding = 0 net.ipv4.conf.eth2.accept_redirects = 1 net.ipv4.conf.eth2.secure_redirects = 1 net.ipv4.conf.eth2.shared_media = 1 net.ipv4.conf.eth2.rp_filter = 0 net.ipv4.conf.eth2.send_redirects = 1 net.ipv4.conf.eth2.accept_source_route = 1 net.ipv4.conf.eth2.proxy_arp = 0 net.ipv4.conf.eth2.medium_id = 0 net.ipv4.conf.eth2.bootp_relay = 0 net.ipv4.conf.eth2.log_martians = 0 net.ipv4.conf.eth2.tag = 0 net.ipv4.conf.eth2.arp_filter = 0 net.ipv4.conf.eth2.arp_announce = 0 net.ipv4.conf.eth2.arp_ignore = 0 net.ipv4.conf.eth2.arp_accept = 0 net.ipv4.conf.eth2.disable_xfrm = 0 net.ipv4.conf.eth2.disable_policy = 0 net.ipv4.conf.eth2.force_igmp_version = 0 net.ipv4.conf.eth2.promote_secondaries = 0 net.ipv4.conf.tun0.forwarding = 1 net.ipv4.conf.tun0.mc_forwarding = 0 net.ipv4.conf.tun0.accept_redirects = 1 net.ipv4.conf.tun0.secure_redirects = 1 net.ipv4.conf.tun0.shared_media = 1 net.ipv4.conf.tun0.rp_filter = 0 net.ipv4.conf.tun0.send_redirects = 1 net.ipv4.conf.tun0.accept_source_route = 1 net.ipv4.conf.tun0.proxy_arp = 0 net.ipv4.conf.tun0.medium_id = 0 net.ipv4.conf.tun0.bootp_relay = 0 net.ipv4.conf.tun0.log_martians = 0 net.ipv4.conf.tun0.tag = 0 net.ipv4.conf.tun0.arp_filter = 0 net.ipv4.conf.tun0.arp_announce = 0 net.ipv4.conf.tun0.arp_ignore = 0 net.ipv4.conf.tun0.arp_accept = 0 net.ipv4.conf.tun0.disable_xfrm = 0 net.ipv4.conf.tun0.disable_policy = 0 net.ipv4.conf.tun0.force_igmp_version = 0 net.ipv4.conf.tun0.promote_secondaries = 0 net.ipv4.conf.vboxnet0.forwarding = 1 net.ipv4.conf.vboxnet0.mc_forwarding = 0 net.ipv4.conf.vboxnet0.accept_redirects = 1 net.ipv4.conf.vboxnet0.secure_redirects = 1 net.ipv4.conf.vboxnet0.shared_media = 1 net.ipv4.conf.vboxnet0.rp_filter = 0 net.ipv4.conf.vboxnet0.send_redirects = 1 net.ipv4.conf.vboxnet0.accept_source_route = 1 net.ipv4.conf.vboxnet0.proxy_arp = 0 net.ipv4.conf.vboxnet0.medium_id = 0 net.ipv4.conf.vboxnet0.bootp_relay = 0 net.ipv4.conf.vboxnet0.log_martians = 0 net.ipv4.conf.vboxnet0.tag = 0 net.ipv4.conf.vboxnet0.arp_filter = 0 net.ipv4.conf.vboxnet0.arp_announce = 0 net.ipv4.conf.vboxnet0.arp_ignore = 0 net.ipv4.conf.vboxnet0.arp_accept = 0 net.ipv4.conf.vboxnet0.disable_xfrm = 0 net.ipv4.conf.vboxnet0.disable_policy = 0 net.ipv4.conf.vboxnet0.force_igmp_version = 0 net.ipv4.conf.vboxnet0.promote_secondaries = 0 net.ipv4.ip_forward = 1 net.ipv4.ipfrag_high_thresh = 262144 net.ipv4.ipfrag_low_thresh = 196608 net.ipv4.ipfrag_time = 30 net.ipv4.ipfrag_secret_interval = 600 net.ipv4.ipfrag_max_dist = 64 net.ipv4.icmp_echo_ignore_all = 0 net.ipv4.icmp_echo_ignore_broadcasts = 1 net.ipv4.icmp_ignore_bogus_error_responses = 1 net.ipv4.icmp_errors_use_inbound_ifaddr = 0 net.ipv4.icmp_ratelimit = 250 net.ipv4.icmp_ratemask = 6168
1
#8 Oct 11th, 2009
•
•
•
•
Machine 192.168.0.200 is also a debian machine, that runs a honeypot (nepenthes) on a variety of ports.
From lan i can easily connect to it using 139/135/21/etc(but i dont need internet connection there so it doesnt have gateway defined).
Last edited by sknake; Oct 11th, 2009 at 6:34 pm.
0
#9 Oct 11th, 2009
OMG!!!
Man, how can i thank you ?
Now the port is widely open:
139/tcp open netbios-ssn
Works just grate!!!
Thanks very much!
Man, how can i thank you ?
Now the port is widely open:
139/tcp open netbios-ssn
Works just grate!!!
Thanks very much!
1
#10 Oct 12th, 2009
You're welcome and I'm glad you got it working. There is always the add to reputation option! 
 |
Similar Threads
- python server port forwarding problem (Python)
- Client / Server Sockets - Port forwarding help. (C#)
- vsftpd PASV + putty port forwarding (*nix Software)
- port forwarding using cmd line... (Windows NT / 2000 / XP)
- Port Forwarding on Win2003 Server? (Windows NT / 2000 / XP)
- port forwarding in Python (Python)
Other Threads in the *nix Software Forum
- Previous Thread: XEN installation in Redhat 5
- Next Thread: How can I edit scanned book pages?
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest *nix Software Posts
- Today's Posts
- Unanswered Threads
age amd apple appliances avatar bbc bluegene canonical centos chips cisco citrix cloudcomputing database debian dell desktop desktops developers development distributions dos economy energy enterprise fedora firefox france gadgets gnome google gos gpl hardware hp hyper-v ibm ibm.news intelibm java kde kernel kvm laptop laptops linustorvalds linux linuxfoundation mac macosx medicine memory microsoft mobile netbook netbooks news novell open openoffice opensolaris opensource opensuse operatingsystem operatingsystems oracle os osx patents pc port ps3 recession redhat russia sco security server servers slackware software solaris source sun supercomputer supercomputing support suse technology tivo trends ubuntu unix virtualization vista vmware windows working x86 xen
