| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 1 Dec 2011 11:51:03 -0600 From: "Greg Scott" <GregScott@...rasupport.com> To: "Michal Soltys" <soltys@....info> Cc: "David Lamparter" <equinox@...c24.net>, <netdev@...r.kernel.org> Subject: RE: ebtables on a stick Yes. 1.2.115.157 will eventually be an H.323 codec and will need to accept incoming calls. For right now, it's just a test Windows system I had handy. I should have copied you on some of the other emails this morning. They should be in the netdev list but I'll forward them privately too. - Greg -----Original Message----- From: Michal Soltys [mailto:soltys@....info] Sent: Thursday, December 01, 2011 11:44 AM To: Greg Scott Cc: David Lamparter; netdev@...r.kernel.org Subject: Re: ebtables on a stick On 11-12-01 06:46, Greg Scott wrote: > Well this is frustrating. Now my public host can communicate anywhere > it wants internally but nothing outside. Maddening - the exact > opposite problem I had before. > > > $IPTABLES -A FORWARD -s 1.2.115.157 -j ACCEPT > $IPTABLES -A FORWARD -s 192.168.10.0/24 -d 1.2.115.157 -j ACCEPT > $IPTABLES -A FORWARD -p TCP --dport 1720 -d $ADR -j allowed > $IPTABLES -A FORWARD -p TCP -s $MGMT_IP -d $ADR -j allowed > And accepting traffic to 1.2.115.157 from the outside ? Are there any -m state / -m conntrack --ctstate entries in your rules ?
Powered by blists - more mailing lists