Re: cant connect to port 80

Subject: Re: cant connect to port 80
Date: Mon, 22 Aug 2005 09:59:33 +0300
The line with the state match accepts only "NEW" packets on ports 80 and 443 - maybe this is your problem. You should remove the state match and accept all packets destined to these ports:

$IPT -t filter -A FORWARD -i eth1 -o eth2 -m multiport -p tcp --dport 80,443 -j ACCEPT

You should also explain in much more detail your setup and what you're trying to do.


Stefan Samfirescu


Brent Clark wrote:

Hi list

I have my routing rules as so

/sbin/ip route add 196.36.10.113 dev eth0 src 196.36.10.114 table IS
/sbin/ip route add default via 196.36.10.113 table IS

/sbin/ip route add 192.168.10.200 dev eth2 src 192.168.10.100 table TELKOM
/sbin/ip route add default via 192.168.10.200 table TELKOM


/sbin/ip route add 196.36.10.113 dev eth0 src 196.36.10.114
/sbin/ip route add 192.168.10.200 dev eth2 src 192.168.10.100

/sbin/ip route add default via 196.36.10.113

/sbin/ip rule add from 196.36.10.114 table IS
/sbin/ip rule add from 192.168.10.100 table TELKOM

/sbin/ip rule add fwmark 1 table TELKOM

apart from the rest of my firewall ruleset

I have an entry as:

$IPT -t nat -A PREROUTING -i eth1 -t mangle -p tcp --dport 80 -j MARK --set-mark 1
$IPT -t filter -A FORWARD -i eth1 -o eth2 -m multiport -p tcp --dport 80,443 -m state --state NEW -j ACCEPT


My browser can't seem to connect to a webserver.

Probably a routing issue, as I see that I don't get any messages in syslog of FORWARD complaining.

If anyone could help, it would be most appreciated.

Kind Regards
Brent Clark
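An added example, not part of either message in this thread: one way to keep the state match from the posted FORWARD rule while still passing the remaining packets of each connection, including the replies coming back in on eth2. Interface names, the port and the mark value are taken from the post; the default-DROP FORWARD policy is an assumption, and the script only prints the commands unless `IPT` is set to the real binary.

```shell
#!/bin/sh
# Added example (not from the thread). Dry-run by default: each rule is
# printed instead of executed. Run as root with IPT=/sbin/iptables to apply.
IPT="${IPT:-echo iptables}"

web_forward_rules() {
    # The MARK target is only valid in the mangle table, so the mark used by
    # "ip rule add fwmark 1 table TELKOM" is set there, not in nat.
    $IPT -t mangle -A PREROUTING -i eth1 -p tcp --dport 80 \
        -j MARK --set-mark 1

    # Packets of connections that were already accepted, in both directions.
    # Without this rule, and with a DROP policy (assumed), only the first
    # packet of each connection would pass the NEW rule below.
    $IPT -t filter -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

    # New connections from eth1 out through eth2 to web ports only.
    $IPT -t filter -A FORWARD -i eth1 -o eth2 -p tcp -m multiport \
        --dports 80,443 -m state --state NEW -j ACCEPT
}

web_forward_rules
```

After applying, `iptables -L FORWARD -v -n` shows per-rule packet counters, which tells you whether traffic is reaching the NEW rule and the ESTABLISHED rule at all.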





