problema de nat en mi pc??
Manuel Alejandro Cano Olivares
manuel.cano.o en mail.ucv.cl
Vie Ene 21 11:58:06 CLST 2005
> > iptables -v -L -n
[...]
>linux:/home/visita # iptables -v -L -n
>Chain INPUT (policy DROP 0 packets, 0 bytes)
> pkts bytes target prot opt
> in out source destination
>
> 182 11045
> ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
>
> 528K 114M
> ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
> state RELATED,ESTABLISHED
> 1105 176K
> ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
> state RELATED,ESTABLISHED
> 2074 141K
> LOG all -- * * 0.0.0.0/0 0.0.0.0/0
> limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-IN-ILL-TARGET '
> 3505 223K
> DROP all -- * * 0.0.0.0/0 0.0.0.0/0
>
>
>Chain FORWARD (policy DROP 0 packets, 0 bytes)
> pkts bytes target prot opt
> in out source destination
>
>
>Chain OUTPUT (policy DROP 10 packets, 400 bytes)
> pkts bytes target prot opt
> in out source destination
>
> 182 11045
> ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
>
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 11 LOG flags 6 level 4 prefix
> `SFW2-OUT-TRACERT-ATTEMPT '
> 0 0 DROP icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 4
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 9
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 10
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 code 13
> 6 662 DROP icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3
> 698K 778M
> ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
> state NEW,RELATED,ESTABLISHED
> 10 400
> LOG all -- * * 0.0.0.0/0 0.0.0.0/0
> limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-OUT-ERROR '
>
>Chain forward_dmz (0 references)
> pkts bytes target prot opt
> in out source destination
>
>
>Chain forward_ext (0 references)
> pkts bytes target prot opt
> in out source destination
>
>
>Chain forward_int (0 references)
> pkts bytes target prot opt
> in out source destination
>
>
>Chain input_dmz (0 references)
> pkts bytes target prot opt
> in out source destination
>
> 0 0
> DROP all -- * * 0.0.0.0/0 0.0.0.0/0
> PKTTYPE = broadcast
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 4
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 0
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 3
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 11
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 12
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 14
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 18
> 0 0
> LOG all -- * * 0.0.0.0/0 0.0.0.0/0
> limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix
> `SFW2-INdmz-DROP-DEFLT-INV '
> 0 0
> DROP all -- * * 0.0.0.0/0 0.0.0.0/0
> state INVALID
> 0 0
> LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0
> limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix
> `SFW2-INdmz-DROP-DEFLT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 4 LOG flags 6 level 4 prefix
> `SFW2-INdmz-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 5 LOG flags 6 level 4 prefix
> `SFW2-INdmz-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 8 LOG flags 6 level 4 prefix
> `SFW2-INdmz-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 13 LOG flags 6 level 4 prefix
> `SFW2-INdmz-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 17 LOG flags 6 level 4 prefix
> `SFW2-INdmz-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 2 LOG flags 6 level 4 prefix
> `SFW2-INdmz-DROP-ICMP-CRIT '
> 0 0
> LOG udp -- * * 0.0.0.0/0 0.0.0.0/0
> limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-INdmz-DROP-DEFLT '
> 0 0
> DROP all -- * * 0.0.0.0/0 0.0.0.0/0
>
>
>Chain input_ext (0 references)
> pkts bytes target prot opt
> in out source destination
>
> 0 0
> DROP all -- * * 0.0.0.0/0 0.0.0.0/0
> PKTTYPE = broadcast
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 4
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 0
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 3
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 11
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 12
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 14
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 18
> 0 0
> LOG all -- * * 0.0.0.0/0 0.0.0.0/0
> limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix
> `SFW2-INext-DROP-DEFLT-INV '
> 0 0
> DROP all -- * * 0.0.0.0/0 0.0.0.0/0
> state INVALID
> 0 0
> LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0
> limit: avg 3/min burst 5 tcp dpts:6881:6889 flags:0x16/0x02 LOG flags 6
> level 4 prefix `SFW2-INext-ACC-TCP '
> 0 0
> ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
> tcp dpts:6881:6889
> 0 0
> reject_func tcp -- * * 0.0.0.0/0 0.0.0.0/0
> tcp dpt:113 state NEW
> 0 0
> LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0
> limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix
> `SFW2-INext-DROP-DEFLT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 4 LOG flags 6 level 4 prefix
> `SFW2-INext-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 5 LOG flags 6 level 4 prefix
> `SFW2-INext-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 8 LOG flags 6 level 4 prefix
> `SFW2-INext-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 13 LOG flags 6 level 4 prefix
> `SFW2-INext-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 17 LOG flags 6 level 4 prefix
> `SFW2-INext-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 2 LOG flags 6 level 4 prefix
> `SFW2-INext-DROP-ICMP-CRIT '
> 0 0
> LOG udp -- * * 0.0.0.0/0 0.0.0.0/0
> limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-INext-DROP-DEFLT '
> 0 0
> DROP all -- * * 0.0.0.0/0 0.0.0.0/0
>
>
>Chain input_int (0 references)
> pkts bytes target prot opt
> in out source destination
>
> 0 0
> ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
>
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 4
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 0
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 3
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 11
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 12
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 14
> 0 0 ACCEPT icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED icmp type 18
> 0 0
> LOG all -- * * 0.0.0.0/0 0.0.0.0/0
> limit: avg 3/min burst 5 state INVALID LOG flags 6 level 4 prefix
> `SFW2-INint-DROP-DEFLT-INV '
> 0 0
> DROP all -- * * 0.0.0.0/0 0.0.0.0/0
> state INVALID
> 0 0
> LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0
> limit: avg 3/min burst 5 tcp flags:0x16/0x02 LOG flags 6 level 4 prefix
> `SFW2-INint-DROP-DEFLT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 4 LOG flags 6 level 4 prefix
> `SFW2-INint-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 5 LOG flags 6 level 4 prefix
> `SFW2-INint-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 8 LOG flags 6 level 4 prefix
> `SFW2-INint-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 13 LOG flags 6 level 4 prefix
> `SFW2-INint-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 17 LOG flags 6 level 4 prefix
> `SFW2-INint-DROP-ICMP-CRIT '
> 0 0 LOG icmp
> -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg
> 3/min burst 5 icmp type 2 LOG flags 6 level 4 prefix
> `SFW2-INint-DROP-ICMP-CRIT '
> 0 0
> LOG udp -- * * 0.0.0.0/0 0.0.0.0/0
> limit: avg 3/min burst 5 LOG flags 6 level 4 prefix `SFW2-INint-DROP-DEFLT '
> 0 0
> DROP all -- * * 0.0.0.0/0 0.0.0.0/0
>
>
>Chain reject_func (1 references)
> pkts bytes target prot opt
> in out source destination
>
> 0 0
> REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0
> reject-with tcp-reset
> 0 0
> REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0
> reject-with icmp-port-unreachable
> 0 0
> REJECT all -- * * 0.0.0.0/0 0.0.0.0/0
> reject-with icmp-proto-unreachable
>
>Personalmente no entiendo nada.
>
>
>Mauricio Vargas P.
>Geólogo
>MSc en Geología
>Usurio Linux # 326558 http://counter.li.org
>http://users.quickfox.org/~mauriciovargas/
Si descargas desde el SuSE:
como azareus usa el puerto 6881, tendrias permitir la entrada por este
puerto para que otros se conecten a tu aplicacion
iptables -I INPUT -p tcp --dport 6881 -j ACCEPT
iptables -I INPUT -p udp --dport 6881 -j ACCEPT
Por otro lado, si no descargas desde el suse y solo lo usas para enmascarar
a otro pc desde el cual usas azareus, se necesita que indiques el resultado
de iptables -L -v -n -t nat y la ip del pc que si descarga
Manuel Alejandro Cano Olivares
User: #102550 counter.li.org
Movil: 091396028
WEB: http://www.daya.cl
Más información sobre la lista de distribución Linux