1. Home
  2. Networking Firewalls
  3. Urgently ! need help about iptable and internet gateway/firewall

Urgently ! need help about iptable and internet gateway/firewall

Hi,

I need your help about internet gateway. ( firewall :iptable ) Now , i key command like below but i can't use my computer at local network to use internet ( web browser + MSN )

My Objective =

  1. Only want computer IP 192.168.0.111 to use web+MSN ( No allow others connection such as flashget/getright/bittorence )
  2. No permit others computer to use internet anyway

Anyone can help me ? Thank you very much Pratchaya

######################

My Network Diagram.

ADSL Router { eth1::: My Server :::: eth0 Local network (192.168.0.xx )

################## My command line ############################ /sbin/service iptables stop

iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT

--to-port 3128

iptables -P FORWARD DROP iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -s 192.168.0.111 -p tcp --dport 80

-j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -s 192.168.0.111 -p tcp --dport

1863 -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -s 192.168.0.111 -p tcp --dport 443

-j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -s 192.168.0.111 -p tcp --dport

3128 -j ACCEPT

service iptables save ################## End My command line ############################

################## Result 1 ############################ [root@firewall ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination

Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- 192.168.0.111 anywhere tcp dpt:http ACCEPT tcp -- 192.168.0.111 anywhere tcp dpt:1863 ACCEPT tcp -- 192.168.0.111 anywhere tcp dpt:https ACCEPT tcp -- 192.168.0.111 anywhere tcp dpt:squid

Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@firewall ~]#

################## Result 2 ############################ [root@firewall ~]# iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3128

Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT) target prot opt source destination [root@firewall ~]#

Reply to
pratchaya
Loading thread data ...

Hallo snipped-for-privacy@banana.co.th, Du teiltest mit:

Here I wrote all essentials down for you:

formatting link
And here is a quick guide:
formatting link
HTH Urgently Wolfgang

Reply to
Wolfgang Ewert

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.