Date: Wed, 17 Jan 2007 20:02:54 +0100
From: "Daniel Pielmeier" <daniel.pielmeier@googlemail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Setting up a home router

Hi again,

It seems that I have run into another problem.

These are my current iptables!

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
block      all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state NEW,RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            state NEW,RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
block      all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain block (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            state NEW
DROP       all  --  anywhere             anywhere

But every time I start my internet connection with /etc/init.d/net.eth1
start, it seems my rules are changed to this and I can't connect to
the internet!

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
LOG        udp  --  anywhere             anywhere            udp dpts:0:1023 LOG level warning
LOG        tcp  --  anywhere             anywhere            tcp dpts:0:1023 LOG level warning
DROP       udp  --  anywhere             anywhere            udp dpts:0:1023
DROP       tcp  --  anywhere             anywhere            tcp dpts:0:1023
LOG        tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN LOG level warning
DROP       tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN
DROP       icmp --  anywhere             anywhere            icmp echo-request

Chain FORWARD (policy DROP)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain block (0 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere            state NEW
DROP       all  --  anywhere             anywhere

What could be the problem here? Is the net init-script changing my
rules? I think I have removed shorewall completely, so there shouldn't
be any remaining files which could cause that behavior. Or are there
some remaining files from shorewall? When I invoke iptables save with
my generated rules and restart iptables, the rules are OK and I can
connect!

Thanks in advance!

Daniel
-- 
gentoo-user@gentoo.org mailing list
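
Added example, not part of the original message: a small Python comparison of two `iptables -L` listings like the ones above, reporting per chain what changed in policy, reference count and rules. The function names and the abridged sample listings are constructed for illustration.

```python
import re

# Matches "Chain FORWARD (policy DROP)" and "Chain block (2 references)".
HEADER = re.compile(r"^Chain (\S+) \((?:policy (\w+)|(\d+) references)\)$")

def parse_listing(text):
    """Parse `iptables -L` output into {chain: {policy, refs, rules}}."""
    chains, current = {}, None
    for line in text.splitlines():
        m = HEADER.match(line.strip())
        if m:
            name, policy, refs = m.groups()
            current = chains[name] = {"policy": policy, "rules": [],
                                      "refs": int(refs) if refs else None}
        elif current is not None and line.strip() and not line.startswith("target"):
            current["rules"].append(" ".join(line.split()))  # ignore column padding
    return chains

def diff_listings(before, after):
    """List policy, reference-count and rule changes per chain."""
    changes = []
    for name in sorted(set(before) | set(after)):
        b, a = before.get(name), after.get(name)
        if b is None or a is None:
            changes.append(f"{name}: chain {'added' if b is None else 'removed'}")
            continue
        for key, label in (("policy", "policy"), ("refs", "references")):
            if b[key] != a[key]:
                changes.append(f"{name}: {label} {b[key]} -> {a[key]}")
        if b["rules"] != a["rules"]:
            changes.append(f"{name}: rules changed ({len(b['rules'])} -> {len(a['rules'])})")
    return changes

# Constructed samples, abridged from the two listings in the post.
BEFORE = """\
Chain INPUT (policy ACCEPT)
block      all  --  anywhere  anywhere
Chain FORWARD (policy ACCEPT)
block      all  --  anywhere  anywhere
Chain block (2 references)
DROP       all  --  anywhere  anywhere
"""
AFTER = """\
Chain INPUT (policy ACCEPT)
DROP       tcp  --  anywhere  anywhere  tcp dpts:0:1023
DROP       icmp --  anywhere  anywhere  icmp echo-request
Chain FORWARD (policy DROP)
Chain block (0 references)
DROP       all  --  anywhere  anywhere
"""
print("\n".join(diff_listings(parse_listing(BEFORE), parse_listing(AFTER))))
```

On the abridged samples this reports the FORWARD policy going from ACCEPT to DROP and the `block` chain dropping from 2 references to 0.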