全球主机交流论坛
标题:
iptables 求助
[打印本页]
作者:
nop
时间:
2012-12-26 11:38
标题:
iptables 求助
一键包装的pptp/l2tp 现在ipsec验证 xl2tp等服务都正常,就是l2tp连不上(678),应该是iptables 的问题,求高手解惑
# Generated by iptables-save v1.3.5 on Tue Dec 25 19:26:00 2012
*nat
REROUTING ACCEPT [1:40]
OSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination 8.8.8.8
-A PREROUTING -p udp -m udp --dport 53 -j DNAT --to-destination 8.8.4.4
-A POSTROUTING -s 10.10.77.0/255.255.255.0 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.10.88.0/255.255.255.0 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.10.99.0/255.255.255.0 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.10.77.0/255.255.255.0 -j SNAT --to-source 173.254.240.1
-A POSTROUTING -s 10.10.88.0/255.255.255.0 -j SNAT --to-source 173.254.240.1
-A POSTROUTING -s 10.10.99.0/255.255.255.0 -j SNAT --to-source 173.254.240.1
COMMIT
# Completed on Tue Dec 25 19:26:00 2012
# Generated by iptables-save v1.3.5 on Tue Dec 25 19:26:00 2012
*filter
:INPUT ACCEPT [51501:66947707]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [28105:2455938]
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i tun+ -j ACCEPT
-A INPUT -i tap+ -j ACCEPT
-A INPUT -d 173.254.240.1 -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -d 173.254.240.1 -p udp -m udp --dport 4500 -j ACCEPT
-A INPUT -d 173.254.240.1 -p udp -m udp --dport 1701 -j ACCEPT
-A FORWARD -i tun+ -j ACCEPT
-A FORWARD -i tap+ -j ACCEPT
COMMIT
# Completed on Tue Dec 25 19:26:00 2012
欢迎光临 全球主机交流论坛 (https://lilynana.eu.org/)
Powered by Discuz! X3.4
REROUTING ACCEPT [1:40]OSTROUTING ACCEPT [0:0]