Iptables rules and internet access problems
Cédric Lemarchand
cedric.lemarchand at ixblue.com
Fri May 10 21:22:04 CEST 2013
The simplest way to debug issues like this is to add a 'LOG' rule
before your 'DROP':

iptables -A FORWARD -p tcp --dport 80 -i eth0 -o eth1 -j LOG --log-prefix 'DROPED '
iptables -A FORWARD -p tcp --dport 80 -i eth0 -o eth1 -j DROP

This way, every packet forwarded from eth0 to eth1 to TCP port 80
will add an entry to your syslog.
If your iptables default policy is set to DROP, then just add the LOG
rule at the end of the table definition, before the final drop. Of
course, you can do that in INPUT, OUTPUT and FORWARD tables.
http://lmgtfy.com/?q=iptables+log+drop
Cya
On 10/05/13 17:49, noyfound wrote:
> Hello,
>
> I have faced some problems:
>
> 1. With iptables running I can't ping my tincvpn server, but as soon as
> I turn it off I can. I have added all the rules mentioned in the examples
> but with no success.
>
> 2. I want to get internet access on the client, which is a Win 7
> computer using tincVPN, but I had no success either (I can't use
> bridges because the server is a VPS using OpenVZ).
>
> So any advice for solving these two problems is really appreciated.
>
> *Server :*
> OS : centos 6.4 32bit
>
> *tinc.conf :*
> Name = server
> AddressFamily = ipv4
> Interface = tun0
>
> *Client :*
> OS : win 7 x64
>
> *tinc.conf :*
> Name = client
> AddressFamily = ipv4
> Interface = mytinc
> ConnectTo = server
>
> *Hosts files :*
> *Server :*
> Address = 69.*.*.*
> Subnet = 10.0.0.1/32
> == pubkey ==
>
> *Client :*
> Subnet = 10.0.0.2/32
> == pubkey ==
>
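Added example, not part of the original thread: once the LOG rule from the reply above is in place, the entries it writes can be grouped per flow to see which traffic the DROP rule is actually hitting. The function names (summarize_drops, sample_log) are hypothetical and the sample log lines are constructed; it assumes the usual KEY=VALUE layout of iptables LOG entries and a --log-prefix ending in a space, as in the reply.

```sh
#!/bin/sh
# Added example: summarize kernel log entries written by an iptables LOG rule.
# The prefix argument must match the rule's --log-prefix ('DROPED ' in the thread).

# summarize_drops PREFIX < logfile
# Prints one line per distinct flow: "COUNT IN OUT SRC DST PROTO DPT",
# most frequent first. Missing or empty fields are shown as "-".
summarize_drops() {
    awk -v prefix="$1" '
        function val(k) { return ((k in f) && f[k] != "") ? f[k] : "-" }
        # Skip every line that does not carry the chosen log prefix.
        index($0, prefix) == 0 { next }
        {
            split("", f)                       # reset the per-line field map
            for (i = 1; i <= NF; i++) {        # collect KEY=VALUE tokens
                eq = index($i, "=")
                if (eq > 1) f[substr($i, 1, eq - 1)] = substr($i, eq + 1)
            }
            key = val("IN") " " val("OUT") " " val("SRC") " " val("DST") \
                  " " val("PROTO") " " val("DPT")
            count[key]++
        }
        END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2
}

# Constructed sample input (documentation addresses, not real traffic).
sample_log() {
    cat <<'EOF'
May 10 21:30:01 server kernel: DROPED IN=eth0 OUT=eth1 SRC=10.0.0.2 DST=192.0.2.10 LEN=60 TTL=63 ID=4711 DF PROTO=TCP SPT=51234 DPT=80 SYN URGP=0
May 10 21:30:04 server kernel: DROPED IN=eth0 OUT=eth1 SRC=10.0.0.2 DST=192.0.2.10 LEN=60 TTL=63 ID=4712 DF PROTO=TCP SPT=51235 DPT=80 SYN URGP=0
May 10 21:30:05 server kernel: IN=eth0 OUT= SRC=198.51.100.7 DST=10.0.0.1 LEN=84 TTL=55 ID=1 PROTO=ICMP TYPE=8 CODE=0
May 10 21:30:09 server kernel: DROPED IN=eth0 OUT=eth1 SRC=10.0.0.2 DST=192.0.2.20 LEN=60 TTL=63 ID=4713 DF PROTO=TCP SPT=51240 DPT=80 SYN URGP=0
EOF
}

# Demo run on the constructed sample; on a real host, feed the syslog file instead.
sample_log | summarize_drops 'DROPED '
```

The third sample line has no prefix and is ignored, so only traffic matched by the LOG rule is counted.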